SagarinInfoSec Write-upsGoldenJackal Strikes Again: APT Group Breaches Air-Gapped European Government SystemsA shadowy threat looms over European governments — an advanced persistent threat (APT) group known as GoldenJackal has successfully…Oct 24Oct 24
SagarinInfoSec Write-upsModded Versions of Popular Android Apps Used to Distribute New Variant of Necro MalwareA recent investigation by Kaspersky has uncovered a new wave of malicious activity involving modded versions of legitimate Android apps…Sep 29Sep 29
SagarSophisticated Malware Masquerades as Palo Alto GlobalProtect Tool to Infiltrate Middle Eastern…Cybercriminals have upped the ante in their relentless pursuit of valuable corporate data, with a new campaign targeting Middle Eastern…Sep 6Sep 6
SagarinTowards AWSAWS Lambda Command InjectionCommand Injection vulnerability is a daunting one. In this vulnerability, a threat actor can execute arbitrary commands on a host.Dec 31, 20211Dec 31, 20211
SagarinInfoSec Write-upsOWASP-Access Control VulnerabilityThis article is going to focus on Access control security and Broken Access control, it will summarize the thoughts, procedures and…Oct 3, 2021Oct 3, 2021
SagarinInfoSec Write-upsWEB APPLICATION — BUSINESS LOGIC VULNERABILITIESBuisness logic vulnerabilities are flaw in the design, implementation and concept of an application, that allow an attacker to evoke…Sep 13, 2021Sep 13, 2021
SagarinTowards AWSAttack on AWS S3 via SSRFThis article is based on a true incident that happened with Capital One, where almost 106 million customer accounts were breached. Paige…Aug 24, 20211Aug 24, 20211
SagarinTowards AWSAuthenticated ‘Write’ access — AWS s3 Bucket(By Sagar and Shubham Kumar)Jul 16, 20212Jul 16, 20212
SagarinTowards AWSSUBDOMAIN TAKEOVER — AWS S3 BUCKETIn this article, we are going to understand and know how a small vulnerability can cause havoc and result in a subdomain takeover.Jul 8, 20213Jul 8, 20213