Vulnerability Management

How attackers exploit vulnerability associated with DNS to launch powerful attacks? Part 2
The DNS is quite robust, but it was designed for usability without considering security, which is why it often catches the attention of hackers. Over the past years, the world has witnessed a few powerful attacks targeting DNS. There are numerous DNS attacks, which are quite complex; most of them take advantage of the back-and-forth communication between clients and servers.
In the previous article, I discussed the attack that exploits the working of DNS servers. In this one, I am going to elaborate on the attack that targets the network layer.

How attackers exploit vulnerability associated with DNS to launch powerful attacks?
The Internet works much like the postal service in that it is also based on addresses. When systems wish to communicate over the Internet, they need to know an address to which they can forward packets or from which the packets/messages are coming. In the language of computers, these are known as Internet Protocol (IP) addresses.

15 Parameters to Evaluate a Vulnerability Management Tool
To deal with the current trends in information security and sophisticated cyber threats, we need the most efficient and best-suited vulnerability management solution for our infrastructure as well as our applications. As vulnerability management deals with people, process and technology, we need to choose each of them carefully. Technology is a very vast pillar, and we cannot opt for multiple investments in it, so we need to be especially cautious when choosing it. One can take the following parameters into account while choosing a vulnerability management solution:
  1. Capability in dealing with asset inventory: Does the solution provide an asset inventory database? Is it feasible to extend the database schema to support additional fields, such as asset classification? If not, can the technology integrate with other asset management solutions/repositories?

Extending SAST tools to detect HARD-CODED PASSWORDS vulnerability

Sensitive information such as access credentials, passwords, and cryptographic keys should not be stored in the source code. Hard-coded passwords may compromise system security in a way that cannot be easily remedied.

Since so many systems are built using an n-tier model, managing automated authentication to back-end systems becomes a problem that needs a solution. For example, the application code might need to authenticate its connection to a back-end database upon which it relies. Many applications use a simple, hard-coded password in the application to ensure it will be able to connect properly. This is a bad idea for several reasons.

First, source code can generally be accessed by a large number of people at an organization, spanning adjacent development teams, QA and sometimes even operations staff. That means the hard-coded secret isn't actually secret at all.

QualysGuard asset tagging using Common Platform Enumeration (CPE)


Asset management is a systematic process of deploying, operating, maintaining, upgrading, and disposing of assets cost-effectively. Efficient asset management is highly essential for an effective vulnerability management solution.

The first step in a vulnerability scan is tracking hosts, and these hosts, in groups, are considered asset groups. When scanning a group of hosts, we define the scope in terms of asset groups. That is why it is also said that asset management and scanning complement each other. Asset grouping is also important because a complete inventory of assets provides insight into their metadata, which helps the organization analyze the scan results more comprehensively from a security point of view.

What is CPE?

Business logic vulnerabilities and some common scenarios of business logic flaws

Web applications have become the core mechanism for business processes over the Internet. As more and more businesses migrate to the Internet model, this has led to various information security issues and vulnerabilities: SQL Injection, Cross Site Scripting and Remote Code Execution, to name a few. However, apart from the conventional vulnerabilities, there are many forms of business logic vulnerabilities commonly exploited by attackers. These vulnerabilities are routinely overlooked during QA because the process is intended to test what a piece of code is supposed to do and not what it can be made to do. The other problem with business logic flaws is that scanners can't identify them, IDS can't detect them, and Web application firewalls can't defend against them.

Approach to an efficient Vulnerability Management Program

Operational challenges are always associated with a vulnerability management program. However, to tackle the new trend of complexity in IT infrastructure, security professionals are putting immense effort into transforming vulnerability management into an effective risk reduction solution. Tuning it to full efficacy can be highly significant and provide a great return on investment if implemented carefully and adjusted regularly. Organizations need to modify the traditional pattern and adopt the required modern approach to vulnerability management. The following approaches will lead to the best solution.

5W-2H Approach for Information Security

5W-2H is a classical management tool usually used for process improvement, which helps in analyzing the problem/process in a holistic manner to suggest possible solutions. This approach brings a 360-degree perspective that doesn't stop with the implementation of a single or pointed solution but is more of a continuous improvement concept to be used for ongoing improvement. Let's use this concept for information security, where an improved process will lead to enhanced governance, with technological aspects inevitably falling in line.

Consider the situation of Enterprise Vulnerability Management (EVM) to be implemented in an organization, and let’s see how this 5W-2H tool enables us to connect the dots and formulate a plan of action.

Early Vulnerability Detection

An application security plugin/add-in for an IDE (e.g. Eclipse, Visual Studio) is a software tool primarily designed to help developers write more secure code by detecting and identifying potentially vulnerable code and providing informative fixes in the early phase (i.e. the development phase) of the SSDLC.

Plugin examples: Application Security plugin for Integrated Development Environment (ASIDE) for Eclipse, Cigital SecureAssist plugin for Eclipse & Visual Studio.

Features of IDE Plugin:

Painful aspect of Penetration Testing

A penetration testing exercise is always filled with challenges, both for the organization that is to undergo it and for the team/organization that is conducting it. Each has a different perspective on the challenges. The organization requesting a penetration test has to worry about its objective, scoping, vendor selection, planning and so on, while the organization/team conducting the penetration test will have its own set of challenges in the form of selecting the right framework, planning and executing a controlled attack, and more. One aspect common to both the organization and the team is: how do we ensure that there is no business disruption, or at least only limited performance impact, on the target network or systems due to the penetration test?

