Exploring Email Change Vulnerabilities and Security Best Practices

Whatever the web application, it is common practice to allow users to change their email address. This functionality is critical because it has a direct impact on account management. Furthermore, the email address is often used as an identifier for authentication. It is therefore essential to secure this functionality.

There are several different situations. In some cases, the application allows users to change their own email address. In other cases, an administrator can change users’ email addresses. Sometimes, both options are possible.

What are IoT Attack Vectors and Security Challenges?

IoT security is a key issue for organisations. In all sectors and areas of activity (healthcare, industry, services, transport, energy, etc.), the IoT brings development and growth.

There are currently an estimated 15 billion IoT objects in use worldwide. This number could double by 2030. However, this proliferation of connected objects brings with it new challenges, particularly in terms of security.

Security Audits: Objectives, Types and Methodologies

With cyberattacks on the rise, carrying out an IT security audit has never been a higher priority for businesses.

Web applications, mobile apps, APIs, cloud infrastructures, connected objects, networks and people – nothing is spared. As a result, security audits have become an essential tool for all types of business. Whether technical audits, organisational security audits or compliance audits, there are numerous solutions for securing an information system and countering risks.

What is Prototype Pollution? Exploitations and Security Tips

Prototype pollution vulnerabilities are specific to JavaScript. They can be exploited on both the server and client sides. These vulnerabilities allow attackers to execute malicious code or steal data.

It is therefore crucial to understand and address these vulnerabilities. This article details the principles of prototype pollution vulnerabilities, server-side and client-side exploits, as well as the measures to implement to counter these attacks.

Phishing: Methodology, Common Techniques and Tools

We can’t talk about social engineering without mentioning phishing. Similarly, email is essential when it comes to phishing. Although there are other social engineering techniques, such as vishing, and multiple phishing vectors, such as SMS (smishing), email remains the preferred tool of attackers.

In this article, we will present three tools commonly used to carry out phishing campaigns: Gophish, Evilginx and Evilgophish.

Account Takeover Techniques and Security Best Practices

Account takeover is a common attack that threatens the security of users and their data. The impact on victims depends on the type of account targeted: it can be minor for a customer loyalty account but becomes critical for a corporate administrator account.

Attacks use a variety of techniques, often based on large-scale campaigns to steal as many credentials as possible. However, there are also application vulnerabilities enabling more targeted account takeover. The presence of these vulnerabilities represents a major risk for companies, especially if an administrator account is compromised.

SAML: How it Works, Vulnerabilities and Common Attacks

Secure identity and access management has become a key challenge for organisations. Among the solutions available, Security Assertion Markup Language (SAML) has become an essential standard for single sign-on (SSO).

This XML-based protocol enables users to authenticate once and access multiple applications without having to log in again, simplifying the user experience. However, if poorly implemented, critical vulnerabilities can be exploited.

Understanding NTLM Authentication and NTLM Relay Attacks

In an office environment, user workstations generally use Windows operating systems and therefore authenticate using protocols developed by Microsoft.

To centralise authentication management, Microsoft provides Active Directory (AD), which is based on the Kerberos protocol. However, some machines do not implement this protocol, and some networks simply do not have an Active Directory. In these cases, there is the NTLM protocol, which can work between two machines without AD or via the Netlogon process.