Posted on May 13, 2022 2 minutes
Social Engineering Attacks: Don’t Get Fooled!
With the sudden increase in the number of establishments operating entirely by remote means, internet exposure is higher than ever before. The cyber threats an organization faces expose the vulnerabilities present in its assets.
Posted on Apr 29, 2022 3 minutes
Account Takeover Series 3: Account Takeover through Insecure Direct Object Reference
Insecure Direct Object Reference (IDOR) occurs when an application trusts user input and performs a sensitive action or shows sensitive information based on it.
Posted on Apr 22, 2022 2 minutes
ATO Attack Series 2: Account Takeover through Password Reset Poisoning
Every web application that has a login portal also has reset password functionality. This functionality comes in very handy when a user forgets their password. Read on to learn how attackers steal your credentials while you are resetting your password.
Posted on Apr 15, 2022 2 minutes
ATO Attack Series 1: Cross-Site Request Forgery Account Takeover
Cross-Site Request Forgery (CSRF) is a vulnerability that lets an attacker execute some action on the web application on behalf of an authenticated victim user.
Posted on Apr 8, 2022 1 minute
Account Takeover Attack (ATO): How does it work?
Account Takeover is a type of cyberattack in which an attacker takes over a victim’s user account through malicious means. In this attack scenario, the attacker does not need to know the victim’s sensitive credentials in advance to gain access to the account.