Skip to content

Blog

NoSQL, means “not only SQL,” refers to a broad category of database technologies that are intended to manage huge volumes of unstructured and semi-structured data.

Detecting NoSQL Injection

SQL Injection is an evergreen vulnerability being discovered on a regular basis in enterprise products and open source libraries as shown by the below chart. Apart from SQL Injection, there are multiple types of injection vulnerabilities such as Command Injection, Nosql injection, OS injection, HTML injection etc. Over the past 10 years, NoSQL databases have… Read More »Detecting NoSQL Injection

Critical CVEs And Active Threats This Week (November 13th – 17th)

This week from November 13 to November 17, Firecompass research identified a huge number of CVEs that are high in severity and ransomware, botnets, and threat actors creating havoc. Some of the CVEs identified are of popular commercial products used by variants of industries and somenew & well known malwares targeting industries for this week.… Read More »Critical CVEs And Active Threats This Week (November 13th – 17th)

How do attackers utilize .git

How Do Attackers Utilize .git For Fun And Profit?

Security teams are busy fixing CVEs, SQLi, and other critical vulnerabilities. However, exposing .git can potentially leak credentials, source code and other sensitive information. In this blog, we will uncover the dangers of hidden exposed .git, and how to identify and mitigate the relevant risk. Introduction In the realm of software development, Git stands as… Read More »How Do Attackers Utilize .git For Fun And Profit?

Critical CVEs And Active Threats

Critical CVEs And Active Threats This Week (November 6-10, 2023)

This week from November 6 to November 10, FireCompass research identified a huge number of CVEs that are high in severity and ransomware, botnets, and threat actors creating havoc. Some of the CVEs identified are of popular commercial products used by variants of industries and some new & well known malwares targeting industries for this… Read More »Critical CVEs And Active Threats This Week (November 6-10, 2023)

Adopting Generative AI In Cyber security

Adopting Generative AI In Cyber Security

In recent years, generative AI has gained significant attention across industries. While it has shown amazing results in applications like image generation, text synthesis, media generation, transformation of content between different media etc, the field of cybersecurity has recently started warming up to the idea of using Generative AI. The question is: Where in cyber… Read More »Adopting Generative AI In Cyber Security