xss test

“><a href=“https://evil.com”>Click here</a>

SSTI

<%= File.open(‘/etc/passwd’).read %>

PIPKA Advisory

Skimming is not a new word to the cybersecurity industry. Earlier, skimming referred to stealing payment data from ATMs by attaching a physical ‘skimmer’ to them. Now, with the evolving payment landscape, skimming has also evolved into online skimming that targets e-commerce sites. Online skimming is an adverse activity of stealing payment information from…

Emotet Malware

Emotet, the Trojan designed back in 2014 to steal payment data from banks, has now evolved into highly destructive malware. Since the start of 2019 (to today), cybersecurity analysts have been identifying endless Emotet activity across the globe. The designers of Emotet malware seem to be adding a series of malicious modules…

PCI DSS Controls for Work from Home setup

The outbreak of the COVID-19 (novel coronavirus) pandemic has led global organizations to work from home to keep employees safe from infection while meeting operational requirements. Many organizations are leveraging remote working and disseminating business-critical data over a variety of channels, outside their security networks. With an enormous shift in the number of remote working employees,…

Maze.Ransomware – New Destructive Malware Strain

Maze.Ransomware is a sophisticated Windows strain that has been hitting companies since at least May 2019. By the end of September 2019, Maze started becoming infamous for encrypting files and demanding ransom. Malicious actors behind Maze have been intruding into confidential data systems, encrypting sensitive files, and demanding ransom in bitcoins. Initially, the actors…

REvil Ransomware AKA Sodinokibi (RaaS)

REvil Ransomware (also known as Sodinokibi) is a sophisticated file-encrypting Windows strain operated as RaaS (Ransomware as a Service). Since mid-April 2019, security researchers have been identifying persistent REvil Ransomware activity across different geographies. At first, the malware propagated via vulnerabilities in Oracle WebLogic Server. Later, the malware started spreading through phishing and spam emails,…
