Two Minutes of Ransomware Attacks: The Facts In this blog post, we will discuss what Ransomware is, how it is used and the risks associated with it. We will also provide tips on how to protect yourself from ransomware attacks. If you prefer to watch Liam explain Ransomware in two minutes, click here. What is […]Find Out More
Author: Josh Hickling
Josh is one of Pentest Peoples Web Application testers, coming from a university background, who's heavily interested in the ethical hacking world.
Apple Cyber Attack Apple iPhone users are one of the largest targets when it comes to cyber-attacks. Apple uncovered its biggest hack in history last November, which went undetected for five years. At the time they alerted users who had fallen victim to the colossal Apple cyber attack. The Phishing Hack targeted Apple’s iCloud service […]Find Out More
In this blog, the topic of Android client-side controls is discussed. Client-side controls are a topic of controversy with the Mobile Security industry, in almost all cases providing only a layer of obscurity between an attacker and potentially sensitive functionality. The aim of this piece is to demonstrate how this may be exploited during a Penetration test and why such controls are inherently vulnerable to interference from an attacker.Find Out More
Cross Site Scripting (XSS) is one of the most well covered web application issues around, however it is surprising how little people truly understand the concept of DOM Based vectors. This blog will aim to clear that confusion up, discussing the difference between traditional and DOM based XSS.Find Out More
Amazon S3 is a great, cheap and flexible option when it comes to sharing and hosting files. However what is not great is that any file can be uploaded to a S3 bucket. And by any file we mean any file including malicious files. It is very common for people not to check the files that are uploaded to S3. But it is possible to virus scan files uploaded to S3. it just takes a little bit of work.Find Out More
PHP Deserialization vulnerabilities are rarely seen on Greybox application assessments, however these should not be overlooked. This blog will look at PHP Deserialzation/Object injection covering how these vulnerabilities can be spotted and the exploit code required to read local files.Find Out More