Nilesh Surana

Deserialization Attacks Unleashed: How Exploiting Data Formats Can Break Your Security

In the world of cybersecurity, new vulnerabilities are discovered almost every day, but some are more insidious than others. One such vulnerability, which has quietly caused havoc in countless applications, is the threat posed by deserialization attacks. Deserialization—the process of converting a data format into a usable object—seems like an innocent operation at first glance,…

Breaking the Trust: How SS7 Attacks Exploit Telecom Security Gaps

In today’s world, it’s hard to envision life without telecommunication services. Individuals engaging in activities like online payments, online shopping, and social media are familiar with using one-time passwords for transaction verification and two-factor authentication. The security of this authentication method relies primarily on restricting access to telecommunication networks. Introduction to SS7 Signaling System 7…

Bruce Schneier Joins FireCompass as Advisor to Advance AI-Powered Penetration Testing

Bruce Schneier Joins FireCompass as Advisor to Shape the Future of AI-Powered Automated Penetration Testing

Renowned Security Technologist Partners with AI-Driven Penetration Testing Leader to Help Organizations Stay Ahead of Emerging Threats BOSTON, MA, UNITED STATES, November 27, 2024 /EINPresswire.com/ — FireCompass, a leader in AI-powered Penetration Testing, Continuous Automated Red Teaming (CART), and NextGen Attack Surface Management (ASM), is thrilled to announce that Bruce Schneier, an internationally renowned security…

Jenkins Vulnerability Exposed: Exploiting CVE-2024-23897 to Access System Files

Introduction One of the most talked-about vulnerabilities this year is CVE-2024-23897, a critical Remote Code Execution (RCE) flaw in Jenkins, a popular open-source automation server used for building, testing, and deploying software. Understanding how attackers might exploit this vulnerability and how to use Shodan dorks to identify vulnerable systems is crucial for protecting your infrastructure.…