Blog Category

What is Single Sign On Authentication?

In the most rudimentary explanation, Single Sign-On authentication allows a single user to access multiple applications using the same credentials. Single Sign-On is also commonly referred as "SSO". SSO is commonly used in Enterprise level systems which require access to multiple applications within the same Local Area Network, which is now expanded to include Wide Area Network.[..]

Privacy and Security issues with Big Data and Cloud

Several organizations deal with a large amount of data on a daily basis. Such organizations constantly look for solutions to optimize the storing of such huge data. Along with storing another concern is to analyze a huge volume of data. This together with the scalability of infrastructure and a budget-friendly solution is something that organizations look for.[..]

What is Multi-factor authentication?

Multi-factor authentication also commonly known as MFA is an authentication process where more than one authentication mechanism is incorporated. A common implementation of MFA is the 2FA, which stands for 2-factor authentication. In a 2FA, two different authentication mechanisms are combined to successfully authenticate a user.[..]

What is WAP?

WAP stands for Wireless Application Protocol. This is a well-known and commonly used standardized protocol which defines how wireless communication can take place between mobile devices and a wireless network. This could include devices such as radio transceivers, cell phones, world wide web, newsgroup, instant messaging and any device that can be used for Internet access. Devices which are based on WAP can interoperate as technology advancement happens over time.[..]

What is Computer Forensics?

Since the WWW (World Wide Web) came into this world in 1990, fast growth is taking place in the professional, criminal and personal use of e-mails, the Internet, social networks, and computers. Those devices capture and create huge amounts of digital data which are stored in different places than most users realize. A user has less opportunity of terminating details-trails perfectly than of committing the great crime. Same as the fingerprint left on the chair adjustment of a vehicle used in the crime, a rough digital evidence (Fingerprint) always kept on speaking the truth.[..]

How to secure your home network?

Our home router has become an internal part of global communication footmark when the use of the Internet has developed to contain home-based telework, entertainment, personal financial management, social network, school work, and businesses. Router facilitates the broadened connection. Almost all these devices are pre-configured in the company that those made and are plug and play for immediate use. After installing a router at home, people frequently connect directly to the world wide web without conducting any additional configuration. People might be reluctant to enhance safeguard configurations because those configurations may seem bit difficult or people are unwilling to spend more time with these advanced configuration settings.[..]

What is Kerberos?

In simplest words, Kerberos is an authentication protocol which can service requests over an untrusted network such as the Internet. Kerberos formed its name from Greek mythology which was a three-headed dog that guarded the gates of Hades. Similarly, in Kerberos authentication, we have three heads representing[..]

What is Data Loss and How do you Prevent it

Data loss is an error condition in information systems that causes stored information to be destroyed by some critical failure or neglect while in storage, transmission, or processing. Most of these systems would implement some form of backup or disaster recovery equipment to both prevent or recover from data loss.[..]

What is SQL Injection?

SQL stands for Structured Query Language and it is a domain-specific language designed to manipulate data in a Relational Database Management System (RDMS) and for stream processing in a Relational Data Stream Management System (RDSMS). The two main advantages of the language is that it was the introduction of accessing multiple records with one command and it discarded the need for administrators to express how to reach a record. At the point in time, the language revolutionized read/write operations for databases and became the popular choice for RDMSs and RDSMSs.[..]

What is ARP Spoofing?

The Address Resolution Protocol (ARP) Spoofing attack, also called ARP Cache Poisoning or ARP Poison Routing, is a technique by which an attacker sends spoofed ARP messages onto a Local Area Network (LAN). It is used to allow the attacker access to incoming internet traffic on a LAN by having their Media Access Control (MAC) Address be linked to the Internet Protocol (IP) Address of another host (usually, the default gateway). Through this, they’re able to receive incoming traffic intended for that IP Address which allows them to intercept the data, modify traffic, or even stop all traffic on the network. Because of this, the technique is often used to open up the possibility of other attacks such as a Denial of Service (DoS) attack, a man in the middle attack, and a session hijacking attack. The success of the attack depends heavily on the attacker gaining direct success to the targeted local network segment and it can only be used on networks which use ARP.[..]

What is LDAP Injection?

The Lightweight Directory Access Protocol (LDAP) is a standard application layer protocol in the Internet Protocol (IP) Suite used for accessing and maintaining distributed directory information services over a network. This is achieved by the protocol's methods to query and manipulate these directory services. Directory services are integral in setting up an Intranet and internet applications through allowing the sharing of the user, system, network, service, and application information on the network. For example, a corporate email for an organization and a telephone directory are both only achievable through directory services. As such, these records are always stored in an organized and often hierarchical structure.[..]

What is Cache Poisoning?

Cache Poisoning (or DNS Spoofing) is an attack technique where corrupted Domain Name Server (DNS) data is stored into the DNS Resolver’s cache and causes it to return an incorrect Internet Protocol (IP) Address. As a result of this, the network traffic is then redirected to the attacker’s (or any other) computer instead of the intended recipient. From here, the attacker could use this to supplement other types of attacks such as a Denial of Service (DoS) attack or a man-in-the-middle attack. It can even be used in aiding them to spread computer worms and other malware or even redirecting users to a malicious site owned by the attacker (this method can be used in phishing attacks).[..]

What is the Keystroke Logging?

Keystroke logging, also called keylogging or keyboard capturing, is the action of recording and saving each keystroke on a keyboard over sometime, usually covertly. This is so that the person who enters the information onto to the keyboard remains unaware of having their information be monitored. The action is done through a logging program which is called a keylogger and it can be either software or hardware.[..]

What is a Man in the Middle Attack?

A man-in-the-middle (MITM) attack is a special type of attack in which an attacker covertly relays and potentially alters data between two parties on a network. These parties are usually oblivious to this attack and believe their connection and communication between each other is secured and their messages have integrity; however, that is not the case. The basis of the attack is to circumvent mutual authentication between the two parties and it can only be considered successful if the attacker can successfully impersonate the involved parties to each other. That is to say, the attacker must appear like Person A to Person B and like Person B to Person A. While it is a very common form of attack, most protocols do provide some kind of endpoint verification process to prevent MITM attacks; such as Transport Layer Security (TLS) which can authenticate both parties via a mutually trusted certificate authority.[..]

What is a Botnet?

The most recent news of huge cyber-attacks using “Zombies” and “Bots” will not be alarming. This will not create this enthusiast think, even for a second, that the digital world has been taken by the living dead creatures or yet alien armies. But one thing will come to realize the "Botnets".[..]

What are cyber threats?

Ransomware is a type of malware that locks users from accessing their data in their computer or any mobile device. To unlock their data, the users must pay a certain amount of ransom, this is mainly done by the payment method which uses Bitcoin. Although paying is an option in recovering your data, it is recommended not to pay because we cannot guarantee the promise of the attackers.[..]

What is Cross-Site Request Forgery (CSRF)?

A Cross-Site Request Forgery (CSRF) is a type of attack whereby a website with malicious intent will send a request to a web application that a user is already verified for. In other words, the request is sent from a malicious website the user visits to another website which the attacker believes the user is already authenticated for. These requests are routed to the target site which the user is validated for via their browser because their browser is authenticated against the site. This means that the vulnerability for this type of attack does not lie with the website which issued the CSRF nor the user, but with the web application. This will allow the attacker to access the functionality of the web application via the victim’s already authenticated browser. It is a type of attack that is frequently used against web applications which deal with social media, in-browser email clients, online banking, and web interfaces for network devices.[..]

What is Carriage Return, Line Feed Injection (CRLF Injection)?

Carriage Return and Line Feed (CRLF) are special character elements typically embedded in Hypertext Transfer Protocol (HTTP) headers and some other software code. The inclusion of these character elements is to denote an End of Line (EOL) marker. These character elements are actually very common as many protocols of the Internet Protocol (IP) Suite, such as HTTP, MIME, and NNTP, use them to discretely split the text into elements. As such, CRLF injection is when an attacker can inject a sequence of CRLF into one of these protocols or software applications; such as an HTTP stream. This is one of the attacks most common uses and as such, has the alternative names of HTTP Response Splitting and Neutralization of CRLF Sequences in HTTP Headers.[..]

What is buffer overflow?

Firstly, we must define what a buffer is. A buffer is an allocated section of memory which can hold anything from a string of characters to an array of integers. That being the case, a buffer overflow (or overrun) is what happens a buffer with a fixed-length receives more data than what it can handle. In this case, the extra data has to be stored somewhere and spills over into an adjacent space in memory which can corrupt or overwrite the data stored there. These overflows usually result in a system crash; however, they also create opportunities for an attacker to run some malicious code or manipulate coding errors. The success of these attacks are very high as most programming languages, such as C, C++, and Fortran are vulnerable to these types of attacks.[..]

What are the most secure encryption algorithms?

Encryption of data has become an integral part of data security. Encryption can protect sensitive information and also provide secure network connections. Encryption generates a ciphertext from your original data, which can be decrypted by the intended recipient. This makes brute force attacks and Man-in-the-middle attack almost impossible.[..]

What is TLS/SSL?

Transport Layer Security (TLS) and Secure Sockets Layer (SSL) are two cryptographic protocols used for providing secure communication over a network. The Internet Engineering Task Force (IETF) prohibited the use of SSL which led the way for TLS to succeed it. The protocols have several variations and iterations used in web browsing, email, Internet faxing, instant messaging, and voice over IP (VoIP). Websites, in particular, are known for using TLS for securing communications between their servers and web browsers. This is accomplished by TLS providing privacy and integrity to data between two communicating nodes on a network.[..]

What is Cross-Site Scripting (XSS)?

In the world of technology which is constantly growing and improving comes with increased risks and security vulnerabilities that those with malicious intent seek to take advantage. Cross-Site Scripting (XSS) is one such method which is primarily used in web-applications to allow the attacker to inject client-side scripts onto web pages. This type of attack is called code injection. Unsuspecting users then view these web pages which then give the attacker a means of bypassing authorization for access controls. One such access control is the same-origin policy which follows that a script running on a web page is allowed to run on the same web page only if they are both of the same origin (URI scheme, hostname, and port number). Typically, this would prevent a malicious script from one web page to go to another web page and access sensitive data and information; however, XSS bypasses this by taking advantage of security flaws in web applications' servers or plug-in systems. Once the attacker has successfully taken advantage of one of these vulnerabilities and compromised the site, unsuspecting victims have basically granted the script the same level of permissions they would have given to the site, such as access to cookies. This would then allow the attacker to view any sensitive information a user might be inputting onto the site ranging from passwords to credit card information. The website's page content, session cookies, and browser-maintained information would all be accessible by the attacker at this point.[..]

What is Cybersecurity?

Cybersecurity deals with the protection of computer systems, networks, and data from cyber theft and damage to hardware, software and information. Cybersecurity is equally important for companies as well as individuals.[..]

My IP address is hacked. What can I do?

Many readers of our website are contacting us for help on *allegedly* hacked IP address, and remedies for getting it back. One of the user is telling us his IP address used to be 64.3.x.y in Dallas and now it's 67.72.x.y located in Utah (per ip lookup); and hence his IP address is stolen, and his computer is running very slow and acting abnormal.[..]