Distributed denial-of-service attacks, or DDoS for short, have become commonplace and a major headache for Internet security worldwide. Therefore, protecting a website from DDoS attacks is not an additional option today, but a prerequisite for those who want to avoid downtime, massive losses and damage. What is DDoS? Distributed Denial of Service is an attack […]
DDOS ATTACKS AND PROTECTION METHODS Read More »
Information Security The XSS vulnerability is a serious sort of vulnerability that can execute all types of HTML, CSS, and JavaScript code. It is ranked critical on the OWASP Top 10 list. XSS (Cross Site Scripting) Vulnerability. The ability to execute desired code in a user’s browser using client-based code embedding within HTML codes is
Information Security Nessus is a tool that automates the scanning and detection of known vulnerabilities and security holes. Typically, even a hacker group, a security software company, or an ordinary user can discover a new vulnerability in a piece of software. This vulnerability can be found by accident or by careful scanning. Information about a
NESSUS VULNERABILITY-SCANNER Read More »
The Threat of Data Theft: Credential stuffing When we talk about cyber attacks against companies, one word usually comes to mind: malware. These software can infect systems and not only valuable confidential corporate information but also users, customers, employees, company suppliers, etc. It’s also capable of stealing information. What is credential stuffing? A credential stuffing
The Threat of Data Theft: Credential stuffing Read More »
What is Penetration Test? Penetration Testing (pen testing) are tests that allow you to check how much your company’s information/data system is protected against hacker attacks. These are tests carried out by legal and authorized persons in order to make internal and external network systems, databases, web and mobile applications more reliable. Penetration testing can help neutralize potential
WHAT IS PENETRATION TEST? Read More »
What are the penetration testing standards? An appropriate security framework should include ongoing security training for all developers, threat models for the entire system, regular code reviews, and scheduled penetration testing. Predictability and consistency are among the basic principles of penetration testing. In order for a penetration test to be consistently applied, it must have standards. Some standards are
WHAT ARE THE PENETRATION TESTING STANDARDS? Read More »
Ransomware is a type of software that blocks or restricts users’ access to their systems, prevents their use by encrypting files, and other malicious purposes. This can be accomplished by encrypting the user’s files or screen until the ransom is paid. Ransomware software also known as crypto ransomware and it can encrypt many files on infected systems
WHAT IS RANSOMWARE? Read More »
1-What is penetration testing? Penetration testing is part of a comprehensive information security audit. During the audit, most organizational and technical measures to ensure information security are analysed. Security system settings are reviewed, the presence of vulnerabilities in devices, system and user software are revealed, and the system’s response to traditional tricks such as targeted
PENETRATION TEST IN 10 QUESTIONS Read More »
Information security Injection vulnerabilities are usually vulnerabilities caused by command execution or user data inclusion that are not controlled or prevented. According to statistics, 28% of organizations are affected by this vulnerability. This vulnerability is divided into the following attack vectors: Injection through SQL, LDAP, XPath queries. Injection with commands in operating systems Injection via
OWASP TOP 10: INJECTION VULNERABILITY Read More »
