11 Common Cyber-attack Methods
Although every cyber-attack is individual, the strategies and tactics overall are often very similar and fall into a number of methods. Cyber criminals draw upon common types of hacking techniques …
10 fundamental steps of cyber security
The original ‘10 steps to cyber security’ were published in 2012 and are now used by a majority of the FTSE350. How do you protect your sensitive data and personal …
A guide to Ransomware – what it is, how it works, and how to defend against it
‘In the first half of 2020, the total number of global ransomware reports increased by 715% year-over-year.’ (Threat Landscape Report 2020 by Bitdefender) In this guide to Ransomware – we …
What’s wrong with having an internet facing login page? – SQL injection in Aptean
Exposing administrative interfaces can be dangerous – SQL injection in Aptean TLDR; We have found a time-based SQL injection in Aptean Product Configurator v4.0 SP6 – 4.61.0000 which allowed for …
3CX Phone System Web console affected by XXE
XXE vulnerability in 3CX Phone System Another vulnerability discovered by Logically Secure. This time it is XXE (XML External Entity Injection) and SSRF (Server-Side Request Forgery) in 3CX Phone System …
(XSS) Vulnerabilities found – Choose your test scope correctly
This article aims to present how easy is to overlook the security of (some parts of) the application, leaving widely used CMS systems insecure despite its popularity, open source approach …
LS Team discovers XSS in WordPress Plugin
Often during the penetration testing activities our team comes across potentially unsafe behaviours, coding errors and unspecified misconfiguration errors. This time we had a full access to the WordPress instance, …