Security Information and Event Management (SIEM) systems have become essential for effective cybersecurity, providing crucial capabilities for monitoring, detecting, and responding to threats. They emerged from the need for compliance and more sophisticated security measures.
Introduction
Security...
Personal Data and External Resources - How risky can a cloud-hosted style sheet be?
A website usually consists of a front-end and back-end. The front-end usually consists of the look and feel as well as the sending of data to the back-end. The look and feel for the front-end are usually done by HTML and CSS. The HTML defines the page skeleton whereas the CSS is concerned with the...
The Cryptocurrency Scam - A misuse of Social Engineering so sleek, it feels real
Written by Ayushya Shah
on October 03, 2021
With the increase in the adoption of cryptocurrencies, a lot of scammers come out with newer methods that use technologies unknown to the masses to steal money and run various scams. Even though cryptocurrencies boast of being transparent and secure, they have little capability to avoid and revert scams....
Public Key Infrastructure (PKI)
Written by Ayushya Shah
on June 26, 2020
One of the most important concepts of security is encryption. Encryption is the method used to convert meaningful messages into a ciphertext (meaningless message) such that it can only be understood by the person having the necessary information to convert it back to the original message. A concept...
OWASP Top 10 - Application Security (2017)
Written by Ayushya Shah
on June 10, 2019
The Open Web Application Security Project (OWASP) is a non-profit community that helps organizations develop secure applications. The OWASP Top 10 Web Application Security Risks was updated in 2017 to provide guidance to developers and security professionals on the most critical vulnerabilities that...
Sensitive data exposure
Written by Ayushya Shah
on July 27, 2018
Attackers can sniff or modify sensitive data in web applications and APIs if it is not properly protected. An attack can lead to a leak of financial data, usernames and passwords, or health information that could enable attackers to commit fraud or steal identities. One popular...
Broken Authentication
Written by Ayushya Shah
on July 23, 2018
What is broken authentication?
Broken authentication is when one gains access to specific parts of a web application without proper login/permissions.
Example:
I have a web page named example.com/login.html
Once a person logs in with a proper username and password, he will be redirected...