cyber security Goals of Network Security Network security is a critical aspect of modern computer networks, ensuring the protection of data, systems, and resources from unauthorized access, damage, or disruption.
cyber security The impact of cybersecurity threats on the healthcare industry In recent years, cybersecurity attacks have become more prominent, affecting a wide range of businesses, including healthcare. The impact of cybersecurity risks on the healthcare business will be discussed in this article at OpenGenus.
cyber security 10 Impacts of quantum computing on cryptography and data security Quantum computing has the potential to transform numerous industries, including encryption and data security.
Software Engineering How to phish? or Phishing Campaigns We have explored the basic idea behind Phishing and different types like Email Phishing, Spear, Clone, Page and Web Page Phishing.
Software Engineering Upgrade Insecure Requests The “upgrade-insecure-requests” Content Security Policy header instructs your browser request web stuff and do it with HTTPS and not HTTP.
Software Engineering What is Content Security Policy (CSP)? Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks
cyber security SamSam Ransomware: made $850K by attacking government organizations SamSam Ransomware uses a custom infection in targeted attacks and the ransomware have been made by SamSam group. The ransomware has been publically available since 2015 and has been known for targeting government entities in USA. The ransomware is developed privately and modernized regularly
cyber security Jigsaw Ransomware: Pay $150 in bitcoin with live support or get files deleted Jigsaw Ransomware (BitcoinBlackmailer) targets Microsoft Windows first appeared in 2016. The ransomware is desgined to spread through malicious attachments in spam emails. It not only encrypts the user's files but also deletes them if the user takes too long to make the ransom payment of $150
cyber security Heap Spraying Attack Heap Spraying Attack is a type of cyber attack in which the attacker uses the ability to write the series of bytes in the memory for the running program at various places in the heap. The main aim of the attack is to ensure that the bytes can be accessed later as the vector of the separate attack.
cyber security DLL Hijacking Attack Dynamic Link Libraries (DLL) Hijacking is an type of cyber attack when hackers replace the genuine .dll file with the malicious file. This corrupted file, when used by the application, gives erroneous results as programmed by the hacker.
cyber security Password Spraying Attack Password Spraying is a form of cyber attack similar to a brute force attack, where the hacker tries to gain access to the company system by testing out a small number of commonly used passwords on a large number of accounts. This attack allows a attacker to gain access to multiple accounts
cyber security BlueBump Attack BlueBump attack is an cyber attack for bluetooth enabled devices. The attack allows the attacker to connect to the Bluetooth device of target, and then exploit the link key of the target device. The attack gives the attacker unlimited access to the victim's device which is in a very limited range
cyber security Xpath Injection Attack XPath Injection is an cyber attack used to fetch sensitive data (stored in XML format) from a website, by injecting malicious XPath queries. This attack works for applications that leverage user-supplied information to construct XPath queries.
cyber security BlueSmack Attack Bluesmack is a cyber attack done on bluetooth enabled devices. The attack uses L2CAP (Logic Link Control And Adaptation Protocol) layer to transfer an oversized packet to the Bluetooth enabled devices, resulting in the Denial of Service (DoS) attack.
cyber security OS Command Injection Attack OS Command Injection is a form of shell injection attack, mostly used for execution of unauthorized OS commands in the operating system (OS) to target the system (usually a web server) and degrade its performance. In this attack, the hacker aims to find and exploit some of the vulnerable application
cyber security Malvertising Attack Malvertising is a type of cyber attack in which an hacker use the online advertising to spread the malware. The attack can infect a system pre-click or post-click. A pre-click malvertisement can be embedded in the main scripts of the page. It can even initiate drive-by-download on visiting the site
cyber security Fork Bomb Attack Fork Bomb Attack is a type of denial of service attack which causes the degradation of a system by making it run out of the memory. The attack forks the processes recursively to fill the entire available memory, thus choking system resources. Locating and terminating a Fork Bomb is a tedious process
cyber security Drive By Login Attack Drive-By Login is a form of phishing attack in which a hacker sets up the malicious code on the victim's favorite website through through various methods of social engineering and bugs in website. Use anti-phishing tools and keep browser upto date to stay safe from this attack
cyber security Tabnabbing Attack Tabnabbing is a form of cyber attack which enables an hacker to take the advantage of the idle tabs in the browser and use them for carrying out the phishing attacks. The attack can be carried out even if the javascript is disabled, using the HTML attribute or a "meta refresh" meta element
cyber security UDP Flood Attack UDP Flood Attack is a type of Denial of Service attack in which a hacker floods the random ports on the victim host with UDP packets. In this attack, the hacker spoofs the IP Address of the packets, to make sure that the returning ICMP packets don’t reach back to the hacker.
cyber security DNS Amplification Attack DNS (Domain Name System) Amplification is a form of reflection based DDoS attack, in which a hacker spoofs the look-up requests to spoof the DNS servers to hide the source of an exploit and also to direct the response to the target. The attack exploits the disparity in the bandwidth consumption
cyber security IP Spoofing Attack IP (Internet Protocol) Spoofing is a form of cyber attack in which hacker crafts the IP packets which are used to carry out the DDoS attacks as well as MitM attack. In this attack, the fake crafted IP packets are used to impersonate another system or is used to hide the identity of the hacker.
cyber security MAC Flooding Attack MAC (Media Access Control) Flooding is a type of cyber attack done in a network to compromise the security of the network switches. In this attack the network is flooded with the fake MAC addresses. The hacker uses this attack to steal sensitive data that is being transferred in the network.
cyber security Ping Of Death Attack Ping of Death (PoD) Attack is a form of DDoS attack, which is used for disrupting the victim network by sending the packets larger then the max size allowed using some arbitrary commands. The attack degrades the targeted system or even freeze the system.
cyber security Smurf Attack Smurf Attack is a type of DDoS Attack, which floods the system with the spoofed ping messages. The attack has an amplification vector that increases the damage by exploiting the characteristics of the broadcast network. The attack swamps the internet with the replies to ICMP echo requests.