Month: June 2021

XSS VULNERABILITY

Information Security: The XSS vulnerability is a serious type of vulnerability that allows all types of HTML, CSS, and JavaScript code to be executed. It is ranked critical on the OWASP Top 10 list. XSS (Cross Site Scripting) Vulnerability: The ability to execute desired code in a user’s browser using client-based code embedding within HTML codes is …


NESSUS VULNERABILITY-SCANNER

Information Security: Nessus is a tool that automates the scanning and detection of known vulnerabilities and security holes. Typically, even a hacker group, a security software company, or an ordinary user can discover a new vulnerability in a piece of software. This vulnerability can be found by accident or by careful scanning. Information about a …


The Threat of Data Theft: Credential stuffing

When we talk about cyber attacks against companies, one word usually comes to mind: malware. Such software can infect systems and steal not only valuable confidential corporate information but also information belonging to users, customers, employees, company suppliers, etc. What is credential stuffing? A credential stuffing …


WHAT IS PENETRATION TEST?

Penetration tests (pen tests) are tests that allow you to check how well your company’s information/data system is protected against hacker attacks. These tests are carried out by legal and authorized persons in order to make internal and external network systems, databases, and web and mobile applications more reliable. Penetration testing can help neutralize potential …


WHAT ARE THE PENETRATION TESTING STANDARDS?

An appropriate security framework should include ongoing security training for all developers, threat models for the entire system, regular code reviews, and scheduled penetration testing. Predictability and consistency are among the basic principles of penetration testing. In order for a penetration test to be consistently applied, it must have standards. Some standards are …


WHAT IS RANSOMWARE?

Ransomware is a type of software that blocks or restricts users’ access to their systems, prevents their use by encrypting files, and serves other malicious purposes. This can be accomplished by encrypting the user’s files or locking the screen until the ransom is paid. Ransomware is also known as crypto ransomware, and it can encrypt many files on infected systems …


PENETRATION TEST IN 10 QUESTIONS

1. What is penetration testing? Penetration testing is part of a comprehensive information security audit. During the audit, most organizational and technical measures to ensure information security are analysed. Security system settings are reviewed, the presence of vulnerabilities in devices, system software and user software is revealed, and the system’s response to traditional tricks such as targeted …


OWASP TOP 10: INJECTION VULNERABILITY

Information Security: Injection vulnerabilities are usually caused by command execution or user data inclusion that is not controlled or prevented. According to statistics, 28% of organizations are affected by this vulnerability. This vulnerability is divided into the following attack vectors: Injection through SQL, LDAP, XPath queries. Injection with commands in operating systems. Injection via …
