Saturday , December 15 2018

December, 2017

  • 19 December

    Phishing, Spear Phishing, and Vishing

    Phishing, Spear Phishing, and Vishing

    Phishing, Spear Phishing, and Vishing: Phishing is a form of social engineering in which you ask someone for a piece of information that you are missing by making it look as if it is a legitimate request. An email might look as if it is from a bank and contain …

  • 18 December

    Spoofing Attacks – Understanding Various Types of Attacks

    Spoofing Attacks – Understanding Various Types of Attacks

    Spoofing Attacks: A spoofing attack is an attempt by someone or something to masquerade as someone else. This type of attack is usually considered an access attack. A common spoofing attack that was popular for many years on early Unix and other timesharing systems involved a programmer writing a fake …

  • 17 December

    Identifying Denial-of-Service and Distributed Denial-of-Service Attacks

    Identifying Denial-of-Service and Distributed Denial-of-Service Attacks

    Identifying Denial-of-Service and Distributed Denial-of-Service Attacks: Denial-of-service (DoS) attacks prevent access to resources by users authorized to use those resources. An attacker may attempt to bring down an e-commerce website to prevent or deny usage by legitimate customers. Most simple DoS attacks from a single system, and a specific server …

  • 16 December

    Top 10 Mobile Devices Security

    Top 10 Mobile Devices Security

    Mobile Device Security: Mobile device, such as laptops, tablet computers, and Smartphones, provide security challenges above those of desktops workstations, servers, and such in that they leave the office and this increases the odds of their theft. In 2010, AvMed Health Plans, a Florida-based company, had two laptops computer stolen. …

  • 15 December

    Authentication (Single Factor) and Authorization

    Authentication (Single Factor) and Multifactor Authorization

    Authentication (Single Factor) and Authorization: The most basic form of authentication is known as single-factor authentication (SFA), because only one type of authentication is checked. SFA is most often implemented as the traditional username/password combination. A username and password are unique identifiers for a logon process. Here’s a synopsis for …

  • 14 December

    VPNs and VPN Concentrators

    VPNs and VPN Concentrators

    VPNs and VPN Concentrators: A virtual private network (VPN) is a private network connection that occurs through a public networks. A private network provides security over an otherwise unsecure environment. VPNs can be used to connect LANs together across the Internet or other public networks. With a VPN, the remote …

  • 13 December

    SQL: Bypassing Authentication

    SQL: Bypassing Authentication

    We can now construct a valid SQL statement that will execute gracefully and retrieve information that we have no rights to retrieve. Bypassing Authentication We know we are dealing with a string column because of the quotes being applied to our input, so we can either the 1=1 or ‘a’=’a …

  • 12 December

    UNDERSTANDING CYBER SECURITY – Download Free Hacking Books

    UNDERSTANDING CYBER SECURITY - Download Free Hacking Books

    UNDERSTANDING CYBER SECURITY – Download Free Hacking Books 1.Backgrounding- A. networking technologies (e.g., hardware, infrastructure) web technologies (e.g., web 2.0, skype) systems technologies communication protocols malware operations mobile technologies (e.g., smart phones) telecommunication technologies backups and archiving (e.g., local, network)   2.Analysis/Assessment- A. data analysis systems analysis risk assessments technical …

  • 11 December

    SQL INJECTION ATTACKS: Finding the Vulnerability

    SQL INJECTION ATTACKS: Finding the Vulnerability

    SQL Injection Attacks: Now that we have the basics of SQL injection down, let’s use our DVWA environment to try it out on a vulnerable page. We have a couple of goals for this section: Crash the application to prove that our input dictates the applications behavior. Retrieve usernames from …

  • 10 December

    The SQL Interpreter

    The SQL Interpreter

    SQL Interpreter: One of the main aspects of this vulnerability that you must understand is that it leverages an SQL interpreter. An interpreter takes input and acts on it immediately without having to go through traditional programming processes such as linking, compiling, debugging, and running. For example, an SQL interpreter …