What is “Content-Type: application/x-protobuf”: Protobuf Explained For Hackers
Have you ever come across this header:
Content-Type: application/x-protobuf
Read on to know what it means and what are possible attack scenarios.
Continue reading
How I Reported a DoS Vulnerability to AWS
BadBotHoneypotEndpoint is used by AWS customers who do not want bots, unauthorised spiders and scrapers to scan their site. It works by blacklisting IP addresses of such bots. I discovered a vulnerability with this endpoint that could allow an attacker to blacklist random IPs.
Continue readingHow I discovered an SSRF leading to AWS Metadata Leakage
This is the story of a juvenile SSRF bug who did know it had the potential to look at AWS secrets. 😮
Continue reading
WhatsApp Bug Causes App Crash & Permanent Loss of Group Chat Messages
Check Point Software Technologies Ltd. (Check Point), a leading provider of cybersecurity solutions has found a bug that could let an attacker deliver a specially crafted group chat message that causes a crash of the WhatsApp application for all members of the group chat.
Continue reading
GPS Spoofing, now a reality
Global Positioning System (GPS) is one technology which has never been looked at through a security lens by the wider audience. We have become dependent on the GPS for our day-to-day lives. However, it is no longer reliable.
Continue reading
What The Heck is CVSS – Part I
Every security researcher, information security personnel or IT personnel should understand CVSS well because this scoring system not only helps you understand the intrinsic severity of the vulnerability but it also provides a way to modify the severity level specific to your environment.
Continue reading
PureLocker Ransomware: One of its kind. Probably, the first of its kind.
A new ransomware, dubbed PureLocker, has been identified by researchers that is being used for targeted attacks against production servers of enterprises.
Continue reading
Hey There, I am Amey Anekar - Cyber Security Specialist with a passion for solving security problems even when resources are limited. I've been fortunate to develop a knack for gauging an organization's cyber security posture and helping them plan a transition towards becoming more resilient in the face of cyber threats. It's a privilege to be able to contribute to the field and assist organizations in safeguarding their digital assets.