Since its inception, the internet has been working within a certain structure. There are servers that host sites that are then used by clients to download data and send requests to. This system works well and has been for dozens of years, however, there is one major issue with it.
The centralized server structure means that only one machine has full control over the storage of data on it. If this server was to be compromised, the attacker would single-handedly have all the control over the data stored there as well as the network the server is part of.
The distributed ledger technology,...
As cyber attacks become more and more common, protecting your personal data is becoming increasingly difficult. There are so many ways one could access one of your accounts. If the said account is your email account that you use for logins to your social media, then you are doomed.
Why? Because nearly all known password reset links are sent via email. If a malicious individual has full access to said email, they can use it to reset passwords on all the accounts that you use said email to login with. Then you will be locked out of your email, and all the aforementioned accounts.
We know this...
Internet is filled with all types of information, thus security has become one of the key components to consider. Due to this, majority of the websites on the internet are recommended to provide security for their visitors.
This is where SSL certification comes into play!
It is recommended that all websites living on the internet have an SSL certification. Nowadays, the majority of web browsers show on the URL bar a ‘not secure’ sign for the sites without an SSL.
Bottom line is, if you want your website to be legit and trustworthy, you need an SSL. Specifically, if your website...
We have all heard of a proxy before. It acts as an intermediary for requests between the client and the internet. A reverse proxy, however, is not so familiar to the average web user. A WAF (Web Application Firewall) is a type of reverse proxy which sits outside of web applications in production and inspects incoming traffic. If they see a malicious traffic pattern, they will block it.
Web application firewalls typically monitor HTTP and HTTPS traffic between a web application and the internet. The most common use for WAFs is to protect against SQL injections attacks, cross-site scripting...
Sadly this certification cannot be used on your CV when you’re applying for a jobL. So what is this certificate and why does it exist?
An SSL certification (Secure Socket Layer) or TLS certification (Transport Layer Security) are protocols used to establish authentic and encrypted connections between networked computers. The best place to see SSL in action is through the internet – the biggest open network in the world.
However, it’s not always cat videos and puppies, it’s far from it. Since the internet is open for everyone, there are people/entities waiting to...
A man-in-the-middle attack takes place amongst 3 entities which include two legitimate entities and a third-party eavesdropping on them. The attacker in a MITM will have the possibility to not only eavesdrop but also gain sensitive information such as user credentials, personal information, bank details and even install malicious software. In this article, we will go through the common types of man-in-the-middle attacks and how to protect yourself from them.
How does a MITM attack work?
Phishing attacks
Imagine you get an email which requires you to log into your bank and the email...
Like in SQL injection, XPath injection attacks occur when a website constructs an XPath query for XML data from user-supplied information. Thus, the issues that occur when using XML to store data are quite similar to those faces with SQL.
XPath injection is a type of attack where malicious user input can be used to grant unauthorized access or reveal sensitive information such as XML document structure and content. This style of attack is carried out by making the user’s input be used in the construction of the query string. Unlike SQL attacks which depend on the SQL dialect used by...
Most common Cyber-Attacks?
A cyber attack is an action which targets computer systems, infrastructures or networks with the motive of stealing, modifying or destroying data without the user’s consent. In this article, I will take you through the common types of attacks that happen online.
Phishing
This happens by sending false emails to users with the intent of getting sensitive information. This is a combination of social engineering and technical trickery where the attackers pretend to be someone or something legitimate and get your details. These emails come with links which...
There are numerous ways that a site’s security can be compromised. One possible method of attack is an injection attack (i.e. the attacker provides untrusted input to a program). The two most common types of injection attacks are: SQL injection (SQLi) and Cross-site Scripting (XSS) attacks. Today we will discuss the latter and how to protect your site from XSS vulnerabilities.
Cross-site Scripting is a type of computer security vulnerability which allows attackers to inject client-side scripts into web-pages viewed by other users. The attack is carried out when the victim actually...
Cyber-attacks are executed in a nearly uncountable amount of ways. One such style of attack is an injection attack (i.e. when an attacker supplies an untrusted input to a program which is the executed). There are many types of injections attacks, however, the most common ones are SQL injection (SQLi) and Cross-site Scripting (XSS). Today we will delve a little deeper on what exactly is a SQLi attack, how it is carried out and how to defend yourself against it.
What is SQLi?
SQL injection (SQLi) is a type of injection attack that allows the execution of malicious SQL statements. This style...
