Contact Us Get an assessment

Incidense response team

Managing Vulnerabilities in the Digital Era

Managing Vulnerabilities in the Digital Era

The modern digital environment is constantly evolving. Today, security leaders of organizations of all sizes in all sectors are tasked…

The Definitive Guide to Managing Cybersecurity Incidents

The Definitive Guide to Managing Cybersecurity Incidents

The success of a modern organization is increasingly influenced by its ability to manage cybersecurity incidents. Those with the right…

Cloud forensic analysis: all you need to know

Cloud forensic analysis: all you need to know

What you need to know about the cloud forensic analysis process The shift towards the cloud is happening at an…

Cybersecurity Protocols Every Organization Should Know

Cybersecurity Protocols Every Organization Should Know

Regardless of the size of your organization, having the proper cyber attack response plan in place is crucial. The strategy…

Ransomware 101: How to Prevent, Detect, and Respond to a ransomware attack

Ransomware 101: How to Prevent, Detect, and Respond to a ransomware attack

As organizations digitalize, increased technological dependence requires them to embrace cybersecurity as a strategic pillar.

Testlink 1.9.20: Unrestricted file upload and SQL injection

Testlink 1.9.20: Unrestricted file upload and SQL injection

Testlink is an open source, web based test management and test execution system written in PHP (a scripting language also known as an Hypertext Preprocessor).

The rise of Emotet

The rise of Emotet

Emotet is a multipurpose malware which is mainly distributed through spam mails. It was first spotted in 2014 and was designed to steal bank account details.

Execution – Powershell (T1086)

Execution – Powershell (T1086)

Powershell is a commandline interface (CLI) with command and scripting capabilities. Its main targets are System Administrators to automate task and control it.

Initial Access – Drive-by Compromise (T1189)

Initial Access – Drive-by Compromise (T1189)

This post is the first of a series of posts that will provide a better understanding about the techniques used by adversaries to reach their tactical objectives.

In-depth Freemarker Template Injection

In-depth Freemarker Template Injection

During a recent engagement, our AppSec team faced an interesting instance of limited Server Side Template Injection in Freemarker.

An unusual case of Client SQL Injection

An unusual case of Client SQL Injection

It is widely known how dangerous using unsanitized data in SQL queries can be.

Recovering SQLCipher encrypted data with Frida

Recovering SQLCipher encrypted data with Frida

Our AppSec team has faced the SQLCipher library during some recent security audits of mobile applications. According to their GitHub README: