Vulnerability Assessment

Cyber-MSME-KrishnaG-CEO

India’s Rising Cyber Threats: How MSMEs Can Defend Against Growing Attacks

by

MSMEs are particularly vulnerable to cyberattacks due to various factors, including nation-state attackers from envious countries.

In recent years, India has seen a dramatic increase in cyberattacks, with the average website experiencing **6.9 million unwanted requests annually**, according to Indusface. Alarmingly, this is **26% higher than the global average**, making Indian businesses, particularly Micro, Small, and Medium Enterprises (MSMEs), highly vulnerable. **Denial-of-Service (DoS) attacks** are also disproportionately affecting Indian companies compared to global counterparts.

For MSMEs, which form the backbone of India’s economy, these attacks pose a severe threat. Unlike large corporations, MSMEs often lack **robust cybersecurity infrastructure**, making them prime targets for cybercriminals. The impact of such attacks extends beyond financial loss—**operational disruptions, reputational damage, and legal consequences** can cripple a business overnight.

Improper-Input-Validation-KrishnaG-CEO

2024 CWE Top 25 Most Dangerous Software Weaknesses: Improper Input Validation (CWE-20)

by

Improper input validation occurs when a software application fails to verify that input received is within the expected range, format, type, or value before processing. This weakness paves the way for a variety of security exploits, including injection attacks, buffer overflows, and data manipulation, which can compromise application functionality and user data.

Code-Injection-KrishnaG-CEO

2024 CWE Top 25 Most Dangerous Software Weaknesses: Improper Control of Generation of Code (‘Code Injection’) CWE-94

by

CWE-94, or Code Injection, occurs when a software application improperly controls the input used in generating code. This vulnerability allows attackers to inject malicious code, which the application subsequently compiles or interprets. The injected code can execute unintended commands, compromise data integrity, and even provide attackers with full control over the system.

Missing-Authorisation-KrishnaG-CEO

2024 CWE Top 25 Most Dangerous Software Weaknesses: Missing Authorisation (CWE-862)

by

Missing Authorisation, identified by CWE-862, refers to a software weakness where an application fails to verify if a user is permitted to access specific resources or perform certain actions. While authentication establishes identity, authorisation ensures that the authenticated user has the necessary permissions. When authorisation is missing, attackers can exploit this oversight to access sensitive data, perform unauthorised transactions, or disrupt services.

PenTest-OpenWRT-KrishnaG-CEO

Penetration Testing OpenWRT: A Comprehensive Guide for Penetration Testers and Network Architects

by

OpenWRT, while highly customisable, is not immune to the common security flaws that affect embedded devices. These can range from default configurations to poorly secured web interfaces