June 2021

XSS VULNERABILITY

Information Security The XSS vulnerability is a serious sort of vulnerability that can execute all types of HTML, CSS, and JavaScript code. It is ranked critical on the OWASP Top 10 list. XSS (Cross Site Scripting) Vulnerability. The ability to execute desired code in a user’s browser using client-based code embedding within HTML codes is

XSS VULNERABILITY Read More »

The Threat of Data Theft: Credential stuffing

The Threat of Data Theft: Credential stuffing When we talk about cyber attacks against companies, one word usually comes to mind: malware.  These software can infect systems and not only valuable confidential corporate information but also users, customers, employees, company suppliers, etc.  It’s also capable of stealing information. What is credential stuffing? A credential stuffing

The Threat of Data Theft: Credential stuffing Read More »

WHAT IS PENETRATION TEST?

What is Penetration Test? Penetration Testing (pen testing) are tests that allow you to check how much your company’s information/data system is protected against hacker attacks. These are tests carried out by legal and authorized persons in order to make internal and external network systems, databases, web and mobile applications more reliable. Penetration testing can help neutralize potential

WHAT IS PENETRATION TEST? Read More »

WHAT ARE THE PENETRATION TESTING STANDARDS?

What are the penetration testing standards? An appropriate security framework should include ongoing security training for all developers, threat models for the entire system, regular code reviews, and scheduled penetration testing. Predictability and consistency are among the basic principles of penetration testing. In order for a penetration test to be consistently applied, it must have standards. Some standards are

WHAT ARE THE PENETRATION TESTING STANDARDS? Read More »

WHAT IS RANSOMWARE?

Ransomware is a type of software that blocks or restricts users’ access to their systems, prevents their use by encrypting files, and other malicious purposes.  This can be accomplished by encrypting the user’s files or screen until the ransom is paid. Ransomware software also known as crypto ransomware and it can encrypt many files on infected systems

WHAT IS RANSOMWARE? Read More »

PENETRATION TEST IN 10 QUESTIONS

1-What is penetration testing? Penetration testing is part of a comprehensive information security audit. During the audit, most organizational and technical measures to ensure information security are analysed. Security system settings are reviewed, the presence of vulnerabilities in devices, system and user software are revealed, and the system’s response to traditional tricks such as targeted

PENETRATION TEST IN 10 QUESTIONS Read More »

OWASP TOP 10: INJECTION VULNERABILITY

Information security Injection vulnerabilities are usually vulnerabilities caused by command execution or user data inclusion that are not controlled or prevented. According to statistics, 28% of organizations are affected by this vulnerability. This vulnerability is divided into the following attack vectors: Injection through SQL, LDAP, XPath queries. Injection with commands in operating systems Injection via

OWASP TOP 10: INJECTION VULNERABILITY Read More »