In our earlier blog, we talked about how some people could misuse Google OAuth to take over someone’s session without permission. Surprisingly, this seemingly harmless part turned out to be a favorite for malware that steals information. CloudSEK found a serious problem where malware uses MultiLogin to keep control of a user’s session, even after
Read More
In the dynamic landscape of cybersecurity, a recent revelation by threat actor “Prisma” has brought to light a significant exploit that allows the generation of persistent Google cookies through token manipulation. This discovery, highlighted by CloudSEK’s threat intelligence researcher, Pavan Karthick M, has far-reaching implications, shaping the narrative of cyber threats in recent times.
Read More
APIs provide great opportunities for businesses to interconnect systems and share data. However, they also introduce significant security risks if not properly protected. APIs have become the backbone of digital business, with over 90% of companies relying on them for their applications according to Red Hat. However, while APIs drive innovation, they also expand the
Read More
Introduction In today’s digital world, protecting sensitive information and data is of utmost importance. That’s why many organizations turn to international standards like ISO 27001 to establish robust information security management systems (ISMS). Implementing ISO 27001 can provide a framework for identifying risks, implementing controls, and ensuring the confidentiality, integrity, and availability of information. In
Read More