Spring4Shell

Last week a Remote Code Execution vulnerability was disclosed in Spring. Spring is an open-source application framework that provides infrastructure support for creating Java applications that can be deployed on servers as independent packages. Approximately 70 percent of all Java applications use it. What is CVE-2022-22965? CVE-2022-22965 was assigned to the vulnerability and is considered …

Penetration Testing Anecdote Series

Authentication bypass due to weak verification of SAML Token. What is authentication bypass in web applications? The web application vulnerability known as authentication bypass occurs when there is improper validation of the user’s identity on the server side. Generally, a successful authentication bypass requires the attacker to have knowledge of either the username/email ID unlike the case …

The Privacy and security issues of expanding Telehealth

Telehealth is the distribution of health-related services and information via electronic channels, allowing long-distance patient and clinician contact, care, advice, reminders, education, intervention, monitoring, and remote admissions. Adoption has increased manyfold due to COVID-19 and patients being unable to travel to meet doctors. It is important to understand …

The Journey from HIPAA Compliance to HITRUST Certification

In today’s complex technological world, there is always the danger of a hostile threat environment lurking around the corner, waiting to exploit the loopholes in processes and technology. People and organizations with malicious intent always try to act upon such opportunities and cause lasting damage to the organization’s reputation and finances. In such a …

Common Controls Framework of Industry-acclaimed security standards

Today’s world is ever-changing, and emerging technologies are driving changes in the technology sector more frequently than ever. The same is true of cybersecurity. There are a few industry-acclaimed cybersecurity standards for governing the processes and execution of these standards. These standards are usually built upon a …

Securing your O365

E-mail is the productivity tool employees use most. It is also a treasure trove of information and a lucrative target for hackers, as all your data (company, employee, client, etc.) is present in one place. Microsoft’s O365 has been a gamechanger in the world of e-mail. Its ease of use, mobility & ready-to-use ability …
