The Impacts of Cross Site Scripting
Cross site scripting (XSS) is a web application vulnerability, allowing an attacker to inject malicious HTML and/or JavaScript code that will later be executed in a victim’s web browser. As the code is triggered and ran on web browsers, this is classed as a client-side attack and could ultimately lead to an attacker hijacking your […]
Security in HTTP Headers
There are many cyber security related topics that I could have chosen to write about, and HTTP headers seems to be a less interesting one. The reason I chose this topic is because the reports I deliver to clients always have the same issue, and that is either missing or misconfigured HTTP headers. In this […]
Internal Password Auditing Guide
Introduction You might think that your Active Directory (AD) environment is safe and secure because it is an internal domain. I am here to tell you that you are wrong. If your AD environment is not secure, and once a bad guy gains an initial foothold within your corporate network, it could basically mean game […]
The Deep and Dark Web
Introduction In my previous blog post, I have briefly touched on the topic of deep and dark web. After constant harassments from my peers, they have convinced me to write another blog post covering this. A little bit on the history of the Internet. An experimental computer network known as the Advanced Research Projects Agency […]
The Art of Social Engineering – Sounds Phish-y?
Introduction You may have heard about phishing attacks, but what about social engineering? Don’t worry, they are essentially the same thing. Although people tend to use these terminologies interchangeable, try not to get confused with what they are. Social engineering is the art of manipulating people to perform actions that would benefit an attacker. In […]
Cybersecurity – The Buzz Word
Introduction Cybersecurity can feel like a buzz word that everyone around us keeps using, but do you actually know what cybersecurity is? It may seem like dark magic to people who don’t speak the lingo. Well, in a nutshell, cybersecurity can be defined as all things related to security. How secure is your data online? […]