Account Takeover by Chaining Multiple Vulnerabilities
On a recent web application pentest I was given two different subdomains in scope for the engagement. One of the subdomains had only 1 functionality available for testing (as the rest were out-of-scope) which contained an input field for commenting and the ability to...
Microsoft Zero-Day Vulnerability
Microsoft has been hit with yet again another critical vulnerability in 2021 by security researcher @jonasLyk who discovered this zero-day while messing around with the upcoming Windows 11 OS – Microsoft’s latest product set to release late this year. If you’ve been...
Protect yourself from spyware
In the news recently it has been reported that from a list of more than 50,000 phone numbers, journalists identified that more than 1,000 people in 50 countries are under surveillance using the Pegasus spyware. This particular software was developed by NSO group an...
The Benefits of Routine Penetration Testing – The Rise of Ransomware
Incidents of ransomware attacks have exploded in the past year due to the rise of cryptocurrency and the increase of homeworking making computers more vulnerable. In recent months we have seen major attacks on the Colonial Pipeline, JBS, and most recently a...
DATA PROTECTION
PENETRATION TESTING
Privacy - Security - Penetration Testing : Your Trusted Advisory Service
Head Office
iSTORM®
10 John Street
Stratford Upon Avon
CV37 6UB
Tel: +44 (0)1789 608708
Company Registration Number
11425744
Company VAT Number
297 9625 30
