Tag: abhishek singh
-
New paper: Detection of vulnerabilities in web applications by validating parameter integrity and data flow graphs
Web application vulnerabilities are an important entry vector for threat actors. Indeed, according to the 2019 Verizon Data Breach Incident Report , web applications, privilege misuse and miscellaneous errors account for 81 per cent of breaches of retail organizations. In a paper presented at VB2019 in London, Prismo Systems researchers Abhishek Singh and Ramesh Mani…
-
VB2019 paper: Catch me if you can: detection of injection exploitation by validating query and API integrity
Any web app that relies on some kind of user input is potentially vulnerable to some kind of command injection, be it MySQL, NoSQL or OS command injection. Indeed, OWASP lists this as one of the topmost security risks. In a paper presented at VB2019 in London, Prismo Systems researchers Abhishek Singh and Ramesh Mani…
-
Paper: Spreading techniques used by malware
Malware infections usually start with a user opening an attachment, visiting a link, or simply accessing an infected site with a vulnerable browser. But once malware has infected an endpoint, it often looks for other devices in order to spread further, or at least to include the files on those devices in its malicious encryption…
-
Paper: Spreading techniques used by malware
Malware infections usually start with a user opening an attachment, visiting a link, or simply accessing an infected site with a vulnerable browser. But once malware has infected an endpoint, it often looks for other devices in order to spread further, or at least to include the files on those devices in its malicious encryption…