Hello & Welcome Everyone!! Today in this blog we are going to discuss about CSV Injection. Before going to start the discussion we will first understand, what is CSV file, what is CSV injection etc. What is CSV file? CSV is an acronym for “Comma Separated Values” which is used…

The newsletter consists of high-level executive summary of most of the important news, articles, data breaches and Microsoft patches details that have been published on information security. Each news item is very briefly summarized and includes a reference on the web for detailed information. We have tried to keep you…

Android is a mobile operating system developed by Google, designed mainly for the touchscreen devices like smartphones and tablets. Android operating system was originally released on 23rd September 2008. There are total 11 version of android operating system available till date from Gingerbread to Pie. The number of mobile users…

XML External Entity (XXE) is an attack where application process user-provided data without disabling the reference to external resource this is due to the weakly configured XML parser for the document type declaration (DTD). XML parser in the application supports external reference by-default even though the application does not or…

The newsletter consists of high-level executive summary of most of the important news, articles, data breaches and Microsoft patches details that have been published on information security. Each news item is very briefly summarized and includes a reference on the web for detailed information. We have tried to keep you…

The newsletter consists of high-level executive summary of most of the important news, articles, data breaches and Microsoft patches details that have been published on information security. Each news item is very briefly summarized and includes a reference on the web for detailed information. We have tried to keep you…

Hi Readers, In this post discussing how Microsoft Office Word Macros can be used to gather information of a remote system. A Macro is a series of commands or instructions grouped together as a single command to accomplish a task automatically. These are seen in different applications of Microsoft Office…

The newsletter consists of high-level executive summary of most of the important news, articles, data breaches and Microsoft patches details that have been published on information security. Each news item is very briefly summarized and includes a reference on the web for detailed information. We have tried to keep you…

The newsletter consists of high-level executive summary of most of the important news, articles, data breaches and Microsoft patches details that have been published on information security. Each news item is very briefly summarized and includes a reference on the web for detailed information. We have tried to keep you…

In our last blog on crypto we discussed on a case study related to penetration testing of crypto exchange. Today we are going to discuss on best security practices for securing crypto exchange sites. Web Application Level 1) Implement Two factor authentication at login and withdrawal sections of the application…