by Alexander | 30 October 2024
A cyber security vulnerability is a weakness, flaw or defect in a computer system, software application or network that can be exploited by an attacker to compromise the security of that system.
A vulnerability is a weakness that exists, whether or not it is known or exploited.
In other words, it is a potential entry point for a cybercriminal. This vulnerability may reside in the source code of a software application, in an inadequate network configuration, in an insecure communication protocol, or in the behaviour of a user.
by Alexander | 24 October 2024
A Web Application Firewall (WAF) is a type of firewall designed to protect web applications by filtering, monitoring and blocking malicious inbound and outbound HTTP/HTTPS traffic.
Unlike traditional firewalls that focus on the network or transport layers, WAFs operate at the application layer of the OSI model. They are essential for preventing attacks specific to web applications, such as SQL injections, cross-site scripting (XSS) and Denial of Service (DDoS) attacks.
by Alexander | 4 February 2025
A cyber war game, also known as a simulation exercise or cyber crisis exercise (or cyber exercise), is a realistic, scripted simulation designed to assess and improve an organisation's ability to prevent, detect and respond to cyber attacks.
Inspired by military exercises, it generally involves opposing teams (e.g. Red Team vs Blue Team) reproducing attacker tactics and defence mechanisms in a controlled environment.
by Alexander | 20 February 2025
Web scraping is the automated extraction of data from websites. While this technique can be used for legitimate purposes, it can also pose cybersecurity problems.
Web scraping is an automated technique for collecting structured data from websites. Using scripts, bots or specialised tools, this method analyses the HTML/CSS or JavaScript code of a web page to extract targeted information (text, images, prices, links, etc.) and store it in a usable format (database, CSV, JSON, etc.).
by Alexander | 18 October 2024
An XSS (Cross-Site Scripting) attack is a web security vulnerability that allows an attacker to inject malicious code (usually JavaScript) into web pages viewed by other users. Unlike other attacks that directly target the server, XSS targets the client, i.e. the user's browser.
TYPE : 🔴 Client-side code injection attack
DANGEROUS: 💀💀💀💀
FREQUENCY: 💣💣
EASE OF ERADICATION: 🧹🧹
