As cyber attacks become more and more common, protecting your personal data is becoming increasingly difficult. There are so many ways one could access one of your accounts. If the said account is your email account that you use for logins to your social media, then you are doomed.
Why? Because nearly all known password reset links are sent via email. If a malicious individual has full access to said email, they can use it to reset passwords on all the accounts that you use said email to login with. Then you will be locked out of your email, and all the aforementioned accounts.
We know this...
We have all heard of a proxy before. It acts as an intermediary for requests between the client and the internet. A reverse proxy, however, is not so familiar to the average web user. A WAF (Web Application Firewall) is a type of reverse proxy which sits outside of web applications in production and inspects incoming traffic. If they see a malicious traffic pattern, they will block it.
Web application firewalls typically monitor HTTP and HTTPS traffic between a web application and the internet. The most common use for WAFs is to protect against SQL injections attacks, cross-site scripting...
A man-in-the-middle attack takes place amongst 3 entities which include two legitimate entities and a third-party eavesdropping on them. The attacker in a MITM will have the possibility to not only eavesdrop but also gain sensitive information such as user credentials, personal information, bank details and even install malicious software. In this article, we will go through the common types of man-in-the-middle attacks and how to protect yourself from them.
How does a MITM attack work?
Phishing attacks
Imagine you get an email which requires you to log into your bank and the email...
Like in SQL injection, XPath injection attacks occur when a website constructs an XPath query for XML data from user-supplied information. Thus, the issues that occur when using XML to store data are quite similar to those faces with SQL.
XPath injection is a type of attack where malicious user input can be used to grant unauthorized access or reveal sensitive information such as XML document structure and content. This style of attack is carried out by making the user’s input be used in the construction of the query string. Unlike SQL attacks which depend on the SQL dialect used by...
Most common Cyber-Attacks?
A cyber attack is an action which targets computer systems, infrastructures or networks with the motive of stealing, modifying or destroying data without the user’s consent. In this article, I will take you through the common types of attacks that happen online.
Phishing
This happens by sending false emails to users with the intent of getting sensitive information. This is a combination of social engineering and technical trickery where the attackers pretend to be someone or something legitimate and get your details. These emails come with links which...
There are numerous ways that a site’s security can be compromised. One possible method of attack is an injection attack (i.e. the attacker provides untrusted input to a program). The two most common types of injection attacks are: SQL injection (SQLi) and Cross-site Scripting (XSS) attacks. Today we will discuss the latter and how to protect your site from XSS vulnerabilities.
Cross-site Scripting is a type of computer security vulnerability which allows attackers to inject client-side scripts into web-pages viewed by other users. The attack is carried out when the victim actually...
Cyber-attacks are executed in a nearly uncountable amount of ways. One such style of attack is an injection attack (i.e. when an attacker supplies an untrusted input to a program which is the executed). There are many types of injections attacks, however, the most common ones are SQL injection (SQLi) and Cross-site Scripting (XSS). Today we will delve a little deeper on what exactly is a SQLi attack, how it is carried out and how to defend yourself against it.
What is SQLi?
SQL injection (SQLi) is a type of injection attack that allows the execution of malicious SQL statements. This style...
In the modern age of technology, new security threats arrive daily, but most don’t see the day of light in the public discussion. Every now and then, however, an exceptionally devastating threat makes the news, usually when it is already too late. Such was the WannaCry ransomware outbreak in 2017 which affected hospitals, universities and telecommunication providers in more than 150 countries, causing over $300 million in estimated damages. Now, a new threat has popped up, named BlueKeep or CVE-2019-0708.
It is a software vulnerability affecting older versions of Microsoft Windows...
Despite the global efforts in cybersecurity, the internet is still a very dangerous place, filled with malware and spyware. Having a quality antivirus is crucial to the safety of your data and even hardware. This article will explain how you enable virus protection for your emails on your server running Plesk. Here's what you need to do:
Go to the Mail tab.
Click on the email address you wish to configure the antivirus on.
Click on the Antivirus tab and select the checkbox: "Switch on antivirus protection for this email address". Choose the desired mail...
What is a Proxy Server?
What happens when you browse the web? You type an address on your browser and within few seconds (even less) you get the page you wanted. Without your knowledge, you might have used a proxy server to access the internet.
A proxy server is an intermediary server which separates you from the website you want to access. When using a proxy server, the internet traffic initiated from you will flow through the proxy server to the destination. The destination website will send the results back to you through the proxy server (this doesn’t happen all the time). If...
