STOCK MARKET BSE NSE

Ethical hacker from Kerala in Oracle’s hall of fame

Rishi Mohandas, an independent security researcher hailing from Payyanur in Kannur has found a place in the ‘hall of fame 2018’ list of IT giant Oracle for reporting a bug in its website.

Published: 21st April 2018 03:41 AM  |   Last Updated: 21st April 2018 03:41 AM   |  A+A-

Rishi Mohandas

Express News Service

KOZHIKODE: Rishi Mohandas, an independent security researcher hailing from Payyanur in Kannur has found a place in the ‘hall of fame 2018’ list of IT giant Oracle for reporting a bug in its website. Rishi, currently working in a Dubai firm, reported the ‘Stored XSS (Cross Site Scripting)’ vulnerability.

Through stored attacks, hackers can inject a script which is permanently stored on the target servers, such as in a database, message forum, visitor log or comment field.

“By exploiting the vulnerability, an attacker can use the data available in the website by inserting his own malicious HTML or Java script code on the website. The variety of attacks include transmitting private data such as cookies or other session information, to the attacker, redirecting the victim to web content controlled by the attacker, or performing other malicious operations on the user’s machine under the guise of the vulnerable site,” said Rishi in a chat with ‘Express’ from Dubai. Stored cross-site scripting is very dangerous for a number of reasons, he said.

“The hacker can inject Trojans via the code and the page content can be modified. Also, the hacker can mislead the user to his own webpage,” he said. Rishi had reported the bug to Oracle in January this year and the company had fixed it after his report was analysed. The hall of fame at Oracle’s On-Line Presence Security programme is just another feather in Rishi’s cap. Earlier, he had reported security issues in various IT companies.

Stay up to date on all the latest Kerala news with The New Indian Express App. Download now

Comments

Disclaimer : We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the newindianexpress.com editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

The views expressed in comments published on newindianexpress.com are those of the comment writers alone. They do not represent the views or opinions of newindianexpress.com or its staff, nor do they represent the views or opinions of The New Indian Express Group, or any entity of, or affiliated with, The New Indian Express Group. newindianexpress.com reserves the right to take any or all comments down at any time.

flipboard facebook twitter whatsapp