I stumbled upon a new MySQL remote code execution vulnerability CVE-2016-6662, which details the flaw in the way config file could be written by an authorized mysql user and the config file can be read by mysqld_safe to run malicious code and gain privileged access. CVE-2016-6663, promises to be ...

More »

When I started WidEva Systems, I had only one goal in mind to provide proactive and affordable security, for SMBs. Someone said that it is the journey and not the destination. So, we had laid down the path, and set to go. When talking about security, the most common attack ...

More »

A new vulnerability was discovered with Next Generation Firewalls, dubbed as FireStorm, bypassing firewall limitations to send out data. This can be used by malicious code to interact with command-and-control server and send out data. These firewalls were designed to allow full TCP handshake, irrespective of the destination. This is ...

More »

Hosting servers have been the target for unethical hackers, to spread malwares. One in three websites are either hacked or waiting to be hacked. Site owners are not aware till their site gets blacklisted. This post says 30,000 sites are hacked every day. Site owners have unknowingly become an ...

More »

Opensource has now become very common in business and government organizations, as it is very cost effective and easy to modify as per need. The question is, if it can help in thwarting attacks. Here are my views on how opensource can help IT organization, especially SMBs. Define the Security ...

More »