Security DB

With an aim to address rapidly evolving spectrum of cyber threats , We are continuosuly working and developing huge vulnerability and security repository that keep track of all recently released exploits changing the way analysts share and research threat intelligence. Keep your vulnerability database updated with CDI's repository of latest exploits.

Security Audit

Our Web Application Pentest ( WAP) attempts to address the Owasp top 10 & SANS top 20 web application vulnerabilities and other exploitable loopholes of your web application . Along with it our WAP team also test web applications for Business logic flaws that can directly or indirectly effect the functioning of application.


We are here to help you solve your biggest query- where and how to start? CDI has brought various courses in Ethical Hacking in Chandigarh where all you technology lovers will be given the much needed push to move forward and create a niche for yourself in the field. From Beginner to Expert lever we have many kinds of training patterns.

Call Us : +91-771045-0011 | +91-771045-0022

Have been thinking from years that DLL Hijacking is just restricted to Windows only? Then let us make it clear, NO! It's nothing like that. Windows were found vulnerable to DLL Hijacking attacks years ago, but a latest research by a Security Firm research director, Patrick Wardle at Synack, revealed OS X are also similarly vulnerable to DLL Hijacking attacks. Mac OS X Dll Hijacking Patrick is going to show off this concept similar to Windows DLL Hijacking at CanSecWest Applied Security C

There's a bad news for hardcore passionate Gamers around the world. A researcher at Security firm Emisoft have found a malware named Teslacrypt malware which is a kind of Ransomware. Ransomware is a category of malware spread online by cybercriminals in order to get a ransom money from the user in lieu of decryption key for the files, which are in possession of the criminals . This new breed of ransomware dubbed as Teslacrypt malware is found hijacking the user files especially relate

Two Days ago on 14th of March 2015, the official Anonymous YouTube channel came up with a new video allegedly claiming a Facebook Group being deleted by Facebook itself, having more than 30,000 odd members supporting OPISIS started by Anonymous to fight online against ISIS. Anonymous asked a simple reason why the group was deleted without a prior notice/warning and at last thrashed Facebook saying it is now proved that they take sides and does not come out as a unbiased Social Network for peop

Trend Micro researchers Jaaziel Carlos, Jonh Chua, and Rodwin Fuentes came up with another analysis report showing the discovery of another Ransomware family dubbed "PE_VIRLOCK". But here comes the interesting fact that surrounds this New breed of Ransomware. VIRLOCK is a ransomware which is detected to be infecting files as well as doing the routine job of locking the computer screen demanding some ransom. About the Malware and its Routines The first Variant of VIRLOC

Samba Server, used popularly for Linux is found to be critically vulnerable to Remote Code Execution vulnerability. Samba is the most commonly used Windows interoperability suite of programs, used by Linux and Unix systems. The vulnerability is recently disclosed on Samba's official website mentioning the vulnerability with CVE id as CVE-2015-0240. The affected versions are found to be Samba 3.5.0 to 4.2.0rc4. According to Trend Micro researchers this Samba Server Vulnerability is said to be

Cybercriminals have made the biggest leak into the data of US Military Personnel Stationed in Europe. Almost 98000 personal records of military personnel are believed to be compromised from SIGA's records, a german telecom company contracted with AAFES who provides on-base cell phone concessionaire. The data contained the names, addresses, emails & other details of the U.S. Military personnel. Army and Air Force Exchange (AAFES) spokesperson Chris Ward said that, The Exchange learned

In an official Security Advisory, Microsoft has revealed that it's Windows operating Systems are vulnerable to a FREAK SSL/TLS Flaw. The FREAK flaw is a loophole that allows hackers to initiate man-in-the-middle attacks on connections like Sockets Layer(SSL) and Transport Layer Security(TLS). These two security layers use outdated encryption to cipher. " Microsoft is aware of a security feature bypass vulnerability in Secure Channel (Schannel) that affects all supported releases of M

The once popular mail service Microsoft Outlook is the latest one to get caught in the nets of Phishing scam. The users of the service are receiving email as "Microsoft Account Team" with subject as to terminate your account. The emails contains an attached file in the form of a PDF. The mail states that the account team has received a request to terminate your account but if you had not made any such claim then view the attached file. The scam is a typical phishing technique whe

It has been touted as the biggest exploit kit campaign which indulges in the hijacking of registered domains to create a huge amount of subdomains. These sub-domain hijacking has proved to be vital for hackers in redirecting the users to pages with malicious content. This campaign has been largely attributed to the very infamous and known Angler Exploit Kit with fileless exploits serving various malicious payloads, cited Cisco in an official blog. The much talked about "Angler Exploit

The wait is over for new version of Google Chrome! Chrome 41 or 41.0.2272.76 has been released for download with major fixing of 13 high-severity and 6 medium-severity vulnerabilities identified by experts & researchers, with more than 50 other issues of security has been addressed including: A number of new apps/extension APIs Lots of under the hood changes for stability and performance Google handed out a total of $14,500 to the researchers and experts for identifying these Google