Sunday 31 July 2022

Phreaker

Phreaking is a slang term for hacking into secure telecommunication networks. The term phreaking originally referred to exploring and exploiting the phone networks by mimicking dialing tones to trigger the automatic switches using whistles or custom blue boxes designed for that purpose.

Saturday 30 July 2022

Gray Hat Hacker

A gray hat hacker (also spelled grey hat hacker) is someone who may violate ethical standards or principles, but without the malicious intent attributed to black hat hackers.

Gray hat hackers may engage in practices that seem less than completely above board, but are often operating for the common good. Gray hat hackers represent the middle ground between white hat hackers, who operate on behalf of those maintaining secure systems, and black hat hackers, who act maliciously to exploit vulnerabilities in systems.

Friday 29 July 2022

Cracker vs Hacker

Computer cracker

A computer cracker is an outdated term for someone who broke into computer systems, bypassed passwords or licenses in computer programs, or intentionally breached computer security. Computer crackers were motivated by malicious intent, by profit, or just because the challenge was there.

Thursday 28 July 2022

Script Kiddie

 What is a Script Kiddie?

A script kiddie, or skid, is a term that describes a young hacker who has much to learn yet acts as if he or she knows everything. Most of them are teenagers who are in it for fun and treat hacking as a game. Mostly they hack for bragging rights. They also don’t make a real effort to improve their hacking skills. Most don’t even know how to write a hacking program or ‘script’ and are content to pirate those made by others. This lack of skills often leads to their arrest because they leave a trail that’s easy for investigators to track down.

Wednesday 27 July 2022

Security Analyst

What is a security analyst?

Security analysts can work across the spectrum of computer and information networks. From corporate databases to banking networks and from office networks to military intelligence, security analysts can be found anywhere that large amounts of information are being stored, shared, or used by a computer. A well-trained security analyst will probably have an advanced understanding of both hardware and software, and how data is stored and managed.

Tuesday 26 July 2022

Cybersecurity Skills

Cybersecurity professionals should be well-versed in computer systems and networks and should have the ability to solve problems and communicate solutions. Despite the wide variance in job responsibilities across different cybersecurity roles in different industries, studies have shown that specific skills are universally essential for cybersecurity professionals.

Monday 25 July 2022

Blind XSS Impact

What is Blind XSS?

Blind XSS is a flavor of cross-site scripting (XSS), where the attacker “blindly” deploys a series of malicious payloads on web pages that are likely to save them to a persistent state (like in a database, or in a log file). Then, without knowing any details about where the payloads have ended up, or if (and when) they are going to be executed, the attacker waits for the payloads to be pulled out of storage and rendered on a web page loaded by a user. Hence, unlike most XSS attacks, which are non-persistent, and rely on immediate response pages generated from the data input by the attacker in a web form or HTTP query, Blind XSS is a persistent type of XSS that relies on vulnerabilities in the code of the target web pages, which allow malicious scripts, inserted into web controls, to be saved by the server in a database or web site file. These are then “served” to other users as part of HTML page responses, without being “sanitized” first.

Sunday 24 July 2022

Stuxnet Virus

Stuxnet is a malicious computer worm that became infamous for its use to attack Iranian nuclear facilities. That attack made global news headlines in 2010 when it was first discovered. As Malwarebytes' Senior Director of Threat Intelligence Jérôme Segura said in his article Stuxnet new light through old windows, "Very few pieces of malware have garnered the same kind of worldwide attention as Stuxnet."

Saturday 23 July 2022

Slammer Virus

The SQL slammer worm is a computer virus (technically, a computer worm) that caused a denial of service on some Internet hosts and dramatically slowed down general Internet traffic, starting at 05:30 UTC on January 25, 2003. It spread rapidly, infecting most of its 75,000 victims within 10 minutes. Although titled "SQL slammer worm", the program did not use the SQL language; it exploited two buffer overflow bugs in Microsoft's flagship SQL Server database product. Other names include W32.SQLExp.Worm, DDOS.SQLP1434.A, the Sapphire Worm, SQL_HEL, and W32/SQLSlammer.

Friday 22 July 2022

Anna Kournikova Virus

The Anna Kournikova Virus was a worm that spread by email, disguised as an email attachment with the file name “AnnaKournikova.jpg.VBS.” The virus was a Visual Basic script that, once opened, emailed itself to all the contacts within the user's Outlook address book. Anna Kournikova was a payload-free virus, however, and did not erase any files or send information back to the creator.

Thursday 21 July 2022

Storm Worm Virus

What is a computer worm?

Several things may come to mind when you think of the word “worm.” You may think of delicious soft chewy candies that are sugary and maybe a little sour. Or you may think of the cold-blooded invertebrate animals that wiggle across the Earth’s surface. And if you’re thinking in computing terms, the malware may spring to mind. Similar to real worms, you can say that computer worms don’t have much of a backbone because they often rely on trickery to infect their hosts. They may also seem a bit cold-blooded because they can be remorselessly destructive. Let’s learn more about them.

Wednesday 20 July 2022

MyDoom Virus

What is MyDoom?

While many people call it a virus, technically MyDoom is a worm, as it can operate and spread independently from the host.

MyDoom (also known as Nova, W32.MyDoom@mm, Shimgapi, and Email. R) spreads through malicious email attachments. After the victim clicks on the attachment, the worm gets inside the operating system and sends emails to all the victim’s contacts. When people see a familiar name, they are more likely to open a suspicious file. At the time of discovery in 2004, you could also get MyDoom by using the file-sharing platform Kazaa, which is no longer operating.

MyDoom adds infected computers to a botnet and then carries out distributed denial of service (DDoS) attacks. When the worm takes control over the victim’s OS, it then opens various ports and provides a backdoor to invite even more malware in.

Tuesday 19 July 2022

Cryptolocker Virus

Cryptolocker Virus Definition

Cryptolocker is a malware threat that gained notoriety over the last few years. It is a Trojan horse that infects your computer and then searches for files to encrypt. This includes anything on your hard drives and all connected media — for example, USB memory sticks or any shared network drives. In addition, the malware seeks out files and folders you store in the cloud.

Monday 18 July 2022

ILOVEYOU Virus

 What is the ILOVEYOU virus?

The ILOVEYOU virus comes in an email with "ILOVEYOU" in the subject line and contains an attachment that, when opened, results in the message being re-sent to everyone in the recipient's Microsoft Outlook address book. Perhaps more seriously, it results in the loss of every JPEG, MP3, and certain other files on all recipients' hard disks. Since Microsoft Outlook is widely installed as the default email management application in corporate networks worldwide, the ILOVEYOU virus can spread rapidly within a corporation. In fact, this is exactly what happened on May 4, 2000. In just about 10 days, ILOVEYOU reached an estimated 45 million users and caused about $10 billion in damages.

Sunday 17 July 2022

Surface Web, Deep Web, Dark Web

Data extraction is one of the most powerful tools enabling you to stay up-to-date with market developments, gain market intelligence, and become competitive in your industry. But extracting data only from surface web pages is usually not enough. There is a deeper extraction process that allows access to high-quality content that’s mostly hidden. Sound dark? To better understand how deep the web can go and what levels of data extraction are available, let’s take a closer look. As a starting point, we’ll differentiate three layers of the net – surface web vs. deep web vs. dark web.

Saturday 16 July 2022

Ethical hacking

 What is ethical hacking?

Ethical hacking involves a collection of processes where organizations authorize individuals to exploit a system’s vulnerabilities for a deeper understanding of their existing security posture. When performing an ethical hack, a security professional or researcher replicates the actions and strategies of a malicious hacker. This helps development and security teams to detect and identify security risks before hackers can exploit them.

Friday 15 July 2022

Birthday Attacks

A birthday attack is a type of cryptographic attack that belongs to a class of brute force attacks. It exploits the mathematics behind the birthday problem in probability theory. The success of this attack largely depends upon the higher likelihood of collisions found between random attack attempts and a fixed degree of permutations, as described in the birthday paradox problem.

Thursday 14 July 2022

Rootkit Attacks

What Is a Rootkit?

A rootkit is a clandestine computer program designed to provide continued privileged access to a computer while actively hiding its presence. The term rootkit is a combination of the two words "root" and "kit." Originally, a rootkit was a collection of tools that enabled administrator-level access to a computer or network.

Wednesday 13 July 2022

Web Server Types of Attacks

1) Scanning – Tools, such as Nmap and SuperScan, can be used.

2) Banner grabbing – Identifies the server and version. Netcat and Telnet are useful here.

3) Attacking the web server – The script kiddies’ dream would be to find unpatched servers or discover a recently discussed vulnerability that hasn’t been patched yet.

Tuesday 12 July 2022

Eavesdropping Attack

Eavesdropping attacks occur through the interception of network traffic. An attacker can obtain passwords, credit card numbers, and other confidential information that a user might be sending over the network by eavesdropping. Eavesdropping can be passive or active.

Passive eavesdropping — A hacker detects the information by listening to the message transmission in the network.

Active eavesdropping — A hacker actively grabs the information by disguising himself as a friendly unit and sending queries to transmitters. This is called probing, scanning, or tampering.

Monday 11 July 2022

Silver Sparrow malware

 What is Silver Sparrow malware?

Silver Sparrow is a malicious program targeting Mac OS operating systems. There are two versions of this malware, the key difference being the targeted OS architecture. Silver Sparrow's activity has been observed in the United States, United Kingdom, Canada, France, and Germany.

One variant of Silver Sparrow is designed for the Intel x86_64 system architecture, the other for both x86_64 and M1 ARM64. The latter is relatively new and, as such, is targeted somewhat less. As mentioned, this piece of malicious software is intended to infect systems with other malware; however, at the time of research, it has not been observed delivering any payloads to compromised devices. Therefore, the specific goals of the cyber criminals behind Silver Sparrow are unknown. Likewise, it is unclear what potential damage the malware can cause. Additionally, some aspects of Silver Sparrow make its code easily modifiable, which makes it a versatile threat.

Sunday 10 July 2022

Cybersecurity Tools

Open-source cybersecurity tools are popular with IT people who want to either test the waters or have an innovative idea to experiment with. Cybersecurity Tools have a special place in the open-source market, for they meet most of the primary enterprise-grade security requirements. Though many tools do not provide the capabilities of the respective paid version, many newcomers use the free versions to learn and test before they purchase the full version. They also allow a great degree of freedom to customize if the user has the required skill set to modify the publicly available source code. Quite often they are used in combination with paid open-source tools to meet some unique business needs. Analytics Insights has curated the Top 10 open-source cybersecurity tools for businesses to deal with the snooping jacks.

Saturday 9 July 2022

SQL injection detection tools

 Netsparker

Netsparker is a web vulnerability management solution that includes SQLi detection as one of its many features. It also focuses on scalability, automation, and integration. The suite is built around a web vulnerability scanner and can be integrated with third-party tools. Operators don’t need to be knowledgeable in source code. The company also offers an SQL injection cheat sheet to help in mitigation efforts.

The Netsparker platform uses Proof-based Scanning technology to identify and confirm vulnerabilities, indicating results that are definitely not false positives. In addition to SQL injection, it can identify cross-site scripting (XSS) and other vulnerabilities in web applications, web services, and web APIs.

Friday 8 July 2022

Man-in-the-Middle (MitM) Attacks

You may have heard the term ‘Man-in-the-middle (MiTM) Attack.’ You may even have a blurred idea of it. But you’re still wondering ‘What exactly is a Man-in-the-middle attack?’ Right? Let us hash it out for you. As implied in the name itself, this kind of attack occurs when an unauthorized entity places him/herself in between two communicating systems and tries to intercept the ongoing transfer of information. To put it simply, a MiTM attack is a modern-day version of bugging.

Thursday 7 July 2022

Password Attacks

Password attacks involve exploiting a broken authorization vulnerability in the system combined with automatic password attack tools that speed up the guessing and cracking of passwords. The attacker uses various techniques to access and expose the credentials of a legitimate user, assuming their identity and privileges. The username-password combination is one of the oldest known account authentication techniques, so adversaries have had time to craft multiple methods of obtaining guessable passwords. Additionally, applications that use passwords as the sole authentication factor are vulnerable to password attacks since the vulnerabilities are well understood.

Wednesday 6 July 2022

SQL Injection

SQL Injection

SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution. Any procedure that constructs SQL statements should be reviewed for injection vulnerabilities because SQL Server will execute all syntactically valid queries that it receives. Even parameterized data can be manipulated by a skilled and determined attacker.

Tuesday 5 July 2022

Malware Detection

What is malware?

Malware refers to malicious software that perpetrators dispatch to infect individual computers or an entire organization’s network. It exploits target system vulnerabilities, such as a bug in legitimate software (e.g., a browser or web application plugin) that can be hijacked. A malware infiltration can be disastrous—consequences include data theft, extortion, or the crippling of network systems.

Monday 4 July 2022

Zero-day exploit Attack

Zero-day Attack?

Zero-day meaning and definition

"Zero-day" is a broad term that describes recently discovered security vulnerabilities that hackers can use to attack systems. The term "zero-day" refers to the fact that the vendor or developer has only just learned of the flaw – which means they have “zero days” to fix it. A zero-day attack takes place when hackers exploit the flaw before developers have a chance to address it.

Sunday 3 July 2022

SIEM Solutions

What is SIEM?

Security Information and Event Management is a set of integrated log management and monitoring tools that help organizations detect targeted attacks and data breaches. SIEM systems aggregate and analyze log event information from devices, infrastructure, systems, and applications to detect suspicious activity inside networks. When anomalous behavior is identified, an alert is generated for investigation.

Saturday 2 July 2022

Denial-of-Service (DoS) Attack

A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic or sending it information that triggers a crash.

In both instances, the DoS attack deprives legitimate users (i.e. employees, members, or account holders) of the service or resource they expected.

Friday 1 July 2022

Intrusion Detection and Prevention Systems

An Intrusion Detection and Prevention System (IDPS) monitors network traffic for indications of an attack, alerting administrators to possible attacks. IDPS solutions monitor traffic for patterns that match known attacks. Traditionally, they used signature-based or statistical anomaly detection methods. Still, IDPS increasingly leverages machine learning technologies to process vast amounts of data and identify threats that signature and anomaly detection would miss.

Google Launches GUAC Open Source Project to Secure Software Supply Chain

Google on Thursday announced that it's seeking contributors to a new open-source initiative called Graph for Understanding Artifact Comp...