vulnerability assessment

September 17, 2019

Scanner or Scammer: Analysis of CamScanner Vulnerability

One of the most popular photo-scanning apps with OCR capabilities, CamScanner was recently found out to be riddled with nasty malware.

An estimated 100 million of CamScanner users may be affected as a result of this threat. After a series of negative reviews on the Google Play Store by users who observed suspicious behavior on the app, Kaspersky researchers investigated and discovered the malicious components of the application. Reportedly, one of the app’s advertising libraries contained the malware component.

February 21, 2019

Dependencies: It’s Not Just Your Code You Need to Secure

Original article published by Cristián Rojas at Hackmetrix Blog

The EQUIFAX USA event of 2017 put a spotlight an under-considered aspect of software security: it’s not just our code that we need to secure. The facts of the case are widely known, but its cause? Not so much. Little is said about the fact that this leak would not have taken place if the developers of the EQUIFAX application had upgraded their Apache Struts web framework to a more secure version.

GBase 8a Implementation Guide: Resource Assessment
No categories
1. Disk Storage Space Evaluation The storage space requirements for a GBase cluster are calculated based on the data volume of the business system, the choice of compression algorithm, and the number of cluster replicas. The data volume of a business s... […]
A Look Into Netflix System Architecture
No categories
Ever wondered how Netflix keeps you glued to your screen with uninterrupted streaming bliss? Netflix Architecture is responsible for the smooth streaming experience that attracts viewers worldwide behind the scenes. Netflix's system architecture emphas... […]
High Availability and Disaster Recovery (HADR) in SQL Server on AWS
No categories
High Availability and Disaster Recovery (HADR) play a vital role in maintaining the integrity of data, reducing downtime, and safeguarding against data loss in enterprise database systems. AWS offers a range of HADR options for SQL Server, which levera... […]
Terraform Tips for Efficient Infrastructure Management
No categories
Terraform is a popular tool for defining and provisioning infrastructure as code (IaC), improving consistency, repeatability, and version control. But you need to know how to use it properly to extract maximum value from it as an infrastructure managem... […]
Integration Testing With Keycloak, Spring Security, Spring Boot, and Spock Framework
No categories
In today's security landscape, OAuth2 has become a standard for securing APIs, providing a more robust and flexible approach than basic authentication. My journey into this domain began with a critical solution architecture decision: migrating from bas... […]