Thursday 28 July 2022

Script Kiddie

What is a Script Kiddie?

A script kiddie, or skid, is a term that describes a young hacker who has much to learn yet acts as if he or she knows everything. Most of them are teenagers who are in it for fun and treat hacking as a game. Mostly they hack for bragging rights. They also don’t make a real effort to improve their hacking skills. Most don’t even know how to write a hacking program or ‘script’ and are content to pirate those made by others. This lack of skills often leads to their arrest because they leave a trail that’s easy for investigators to track down.

Wednesday 27 July 2022

Security Analyst

What is a security analyst?

Security analysts can work across the spectrum of computer and information networks. From corporate databases to banking networks and from office networks to military intelligence, security analysts can be found anywhere that large amounts of information are being stored, shared, or used by a computer. A well-trained security analyst will probably have an advanced understanding of both hardware and software, and how data is stored and managed.

Tuesday 26 July 2022

Cybersecurity Skills

Cybersecurity professionals should be well-versed in computer systems and networks and should have the ability to solve problems and communicate solutions. Despite the wide variance in job responsibilities across different cybersecurity roles in different industries, studies have shown that specific skills are universally essential for cybersecurity professionals.

Monday 25 July 2022

Blind XSS Impact

What is Blind XSS?

Blind XSS is a flavor of cross-site scripting (XSS), where the attacker “blindly” deploys a series of malicious payloads on web pages that are likely to save them to a persistent state (like in a database, or in a log file). Then, without knowing any details about where the payloads have ended up, or if (and when) they are going to be executed, the attacker waits for the payloads to be pulled out of storage and rendered on a web page loaded by a user. Hence, unlike most XSS attacks, which are non-persistent, and rely on immediate response pages generated from the data input by the attacker in a web form or HTTP query, Blind XSS is a persistent type of XSS that relies on vulnerabilities in the code of the target web pages, which allow malicious scripts, inserted into web controls, to be saved by the server in a database or web site file. These are then “served” to other users as part of HTML page responses, without being “sanitized” first.

Sunday 24 July 2022

Stuxnet Virus

Stuxnet is a malicious computer worm that became infamous for its use to attack Iranian nuclear facilities. That attack made global news headlines in 2010 when it was first discovered. As Malwarebytes' Senior Director of Threat Intelligence Jérôme Segura said in his article Stuxnet new light through old windows, "Very few pieces of malware have garnered the same kind of worldwide attention as Stuxnet."

Saturday 23 July 2022

Slammer Virus

The SQL slammer worm is a computer virus (technically, a computer worm) that caused a denial of service on some Internet hosts and dramatically slowed down general Internet traffic, starting at 05:30 UTC on January 25, 2003. It spread rapidly, infecting most of its 75,000 victims within 10 minutes. Although titled "SQL slammer worm", the program did not use the SQL language; it exploited two buffer overflow bugs in Microsoft's flagship SQL Server database product. Other names include W32.SQLExp.Worm, DDOS.SQLP1434.A, the Sapphire Worm, SQL_HEL, and W32/SQLSlammer.

Friday 22 July 2022

Anna Kournikova Virus

The Anna Kournikova Virus was a worm that spread by email, disguised as an email attachment with the file name “AnnaKournikova.jpg.VBS.” The virus was a Visual Basic script that, once opened, emailed itself to all the contacts within the user's Outlook address book. Anna Kournikova was a payload-free virus, however, and did not erase any files or send information back to the creator.

Google Launches GUAC Open Source Project to Secure Software Supply Chain

Google on Thursday announced that it's seeking contributors to a new open-source initiative called Graph for Understanding Artifact Comp...