incident response Archives

Exploiting Google Calendar: How Cybercriminals Use Calendar Invites to Spread Malicious Links and What You Can Do to Defend Against It

4 March 20254 March 2025 by Krishna

In the context of cybersecurity, the growing trend of exploiting digital calendar platforms is part of a broader shift towards social engineering and phishing attacks. Traditionally, phishing emails were the go-to vector for spreading malware, but attackers have adapted to newer, more subtle methods of infiltration. By exploiting tools like Google Calendar, which are integral to the workflow of millions of users, attackers are finding ways to bypass conventional email filters and reach their targets with greater ease.

API-Security-Misconfigurations-KrishnaG-CEO

The OWASP Top 10 API Security Risks – 2023: API8:2023 – Security Misconfiguration

19 February 2025 by Krishna

At its core, **security misconfiguration** occurs when the security settings of an API or its supporting systems are improperly configured or left at their default settings. APIs often rely on a wide range of underlying infrastructure, including web servers, databases, cloud services, and identity management systems. Each of these elements needs to be configured in line with security best practices to ensure the overall security posture of the API.

Misconfigurations can arise at any stage in the API lifecycle, from development to deployment, and they are not limited to a single type of vulnerability. They may involve poorly configured authentication mechanisms, incorrect access control settings, or vulnerabilities in third-party services integrated into the API ecosystem.

Security Logging and Monitoring Failures: A Comprehensive Guide for Software Developers, Architects, and Security Analysts

18 January 2025 by Krishna

Security logging involves the systematic recording of events within a system, application, or network. Monitoring, on the other hand, refers to actively reviewing and analysing these logs to detect anomalies or malicious activities.

WordPress db Injection: A Comprehensive Guide for Pen Testers and C-Suite

14 January 2025 by Krishna

WordPress, which began as a simple blogging platform in 2003, has evolved into one of the most widely used content management systems (CMS) globally. Currently powering over 40% of websites, WordPress has become synonymous with digital publishing—ranging from small personal blogs to large-scale enterprise solutions. For many C-level executives, WordPress represents an agile, cost-effective solution to rapidly establish and manage an online presence.
However, with extensive adoption comes amplified risk. The same features that make WordPress easy to use—such as its vibrant plugin ecosystem and open-source nature—can also create ripe opportunities for attackers to exploit vulnerabilities. WordPress database injection, often referred to more broadly as SQL injection (SQLi), stands out as a critical concern. Attackers who successfully execute a database injection can gain unauthorised access to sensitive data, manipulate website content, or even pivot to other parts of the organisation’s network.
WordPress relies on a MySQL (or MariaDB) database to store content, user data, plugin settings, and other critical information. An SQL injection attack leverages insecure code or configurations to inject malicious SQL queries into the database, allowing attackers to read, modify, or even delete data, and in some extreme cases, compromise the server itself.

Board of Directors and Offensive Security: Navigating Cybersecurity Challenges at the Governance Level

25 December 2024 by Krishna

The Board of Directors is responsible for overseeing the implementation of offensive security strategies and ensuring that they are effectively managed. This requires a proactive approach to risk management, where the Board plays an active role in setting the tone for cybersecurity governance and ensuring that appropriate resources and expertise are allocated to address identified risks.

Offensive security refers to the proactive approach of identifying vulnerabilities and potential threats within an organisation’s systems and networks. It involves techniques such as vulnerability assessments, penetration testing, malware analysis, cyber forensics, and reverse engineering. The goal is to simulate real-world attacks, uncover weaknesses, and develop strategies to counteract these threats before they are exploited by malicious actors.