My experiments with AI Weaponization: An Emerging Threat to National Security
While working on AI safety research during Christmas leaves, I was experimenting with various AI models’ security measures and ethical guardrails. What started as curiosity quickly turned into a concerning discovery about how these powerful systems could be weaponized. Large Language Models (LLMs) have become increasingly prevalent in our daily lives, with millions of users […]
Evading SMS Security Feature of a Prominent Mobile Antivirus
This article is about a security feature bypass I reported in a mobile antivirus. As I sat at the airport, waiting for someone, I found myself with roughly two hours to kill. I decided to find some vulnerabilities using my phone. So, I started exploring the mobile antivirus of my phone. The company behind the […]
How I (ethically) hacked an Airline on its inaugural day
During the weekends, I am usually exploring targets for bug bounty; however, this time I thought of securing Indian cyber space. I had a target in mind. it was Akasa Air. The Airline started its flight operations on the same day, 07th August 2022. I thought of looking into it in July, but I decided […]
How to Remove Cache, Local Data of a specific Website from Google Chrome?
How I Received 3 CVEs in Quick Heal Total Security
I was scrolling through Twitter and I thought I should be spending more time on testing thick clients. I decided to find vulnerabilities in an anti virus software as I like to hunt for bugs in cyber security products. I have used QuickHeal during my childhood days also they are doing great research in order […]
Protect Your MongoDB – Story of “The Same Database”
It’s normal now to hear stories about data breaches. Some of them involve publicly exposed Databases, S3 buckets etc. The vulnerability falls into ‘Security Misconfiguration’, A6 – OWASP Top 10 (2017). ” Attackers will often attempt to exploit unpatched flaws or access default accounts, unused pages, unprotected files and directories, etc to gain unauthorized access […]
Crypto-Mining Marketplace NiceHash Fixed a Vulnerability Which Leaked Miners’ Information
Privacy matters to most of us! That applies for crypto world too. Bitcoin transactions don’t directly link to a person, but in case of NiceHash, attackers could find a miner’s BTC wallet address using his Email address. This is a story about How I found a random guy’s recent payments from his cryptocurrency mining activity […]
How to Watch Movies via Flash Drive in Sony Bravia?
This Vulnerability in phpMyAdmin Lets An Attacker Perform DROP TABLE With A Single Click!
Most of you are familiar about Cross Site Request Forgery (CSRF) vulnerability, it is one of the most common vulnerabilities; it was listed in OWASP Top 10 – 2013. Previously, I had found and reported CSRF in an Intel website, by exploiting that vulnerability an attacker could remove items from an authenticated user’s shopping cart. […]
![[Incident Response]: How To Stay Protected From A Ransomware Attack like Wannacry?](https://cyberworldmirror.com/wp-content/uploads/2020/10/ransomware-incident-response-tips-800x445-1.jpg)
[Incident Response]: How To Stay Protected From A Ransomware Attack like Wannacry?
More than 99 Countries, Thousands of companies and networks have been hit by a ransomware known as WannaCry. It is one of the most dangerous and potentially destructive cyber attacks we have ever seen. Some users clicked these photos, which suggests how dangerous and ubiquitous wannacry is. It has affected Airports, Hospitals, Restaurants, Railway Stations also disrupting services for millions of […]