Author: Varad Magare

LOG4J-A BILLION DEVICE VULNERABILITY

Could you imagine that something very dangerous has been present in billions of devices since 2013 that can potentially take over more than 3.5 billion devices? That seems like chaos, right? Around Christmas time, on Thursday, December 9th, the Apache Software Foundation released details on a critical vulnerability in Log4j, a logging library used in

CVE-2022-30190 THE FOLLINA VULNERABILITY

Introduction To Follina (CVE-2022-30190): On May 27th, 2022, Nao_sec discovered a strange Word document uploaded from a Belarusian IP address. Apparently, this was a zero-day vulnerability in Microsoft Office or Windows known as Follina. A malicious Word document can exploit the Follina vulnerability and execute arbitrary code. The vulnerability exploits the built-in URL handlers in

OAuth A Feature To Vulnerability

Introduction: There has been a huge increase in the number of web services in recent years, and these services must collaborate. You might be asked to store files in your Google Drive by third-party design software, or to provide your Google contacts to a content marketing application. It can be very dangerous to give

Dependency Confusion – A Supply Chain Attack

Dependency confusion is a vulnerability which gained popularity in 2021 when it was discovered by Alex Birsan. It is one of the most impactful existing vulnerabilities, as its consequences are as severe as, or even more severe than, those of a Remote Code Execution attack. Dependency confusion uses the most common features of the well-known programming