Application whitelisting is a security approach where only approved or trusted software programmes are allowed to run on a computer or network. Any application not on the approved list is blocked from executing, which helps prevent unauthorised or malicious software from causing harm. This method is commonly used to strengthen security in environments where strict…
Category: InfoSec
Secure Boot
Secure Boot is a security feature that ensures a device only runs software that is trusted by its manufacturer. When a computer starts up, Secure Boot checks each piece of software, such as the operating system and drivers, against a list of approved signatures. If the software has not been approved or has been tampered…
Attack Vector Analysis
Attack Vector Analysis is the process of identifying and understanding the various ways an attacker could gain unauthorised access to a system or data. It involves examining the different paths, weaknesses, or points of entry that could be exploited by cybercriminals. By studying these potential threats, organisations can strengthen defences and reduce the risk of…
Threat Modeling
Threat modelling is a process used to identify, assess and address potential security risks in a system before they can be exploited. It involves looking at a system or application, figuring out what could go wrong, and planning ways to prevent or reduce the impact of those risks. This is a proactive approach, helping teams…
Reentrancy Attacks
Reentrancy attacks are a type of security vulnerability found in smart contracts, especially on blockchain platforms like Ethereum. They happen when a contract allows an external contract to call back into the original contract before the first function call is finished. This can let the attacker repeatedly withdraw funds or change the contract's state before…
Cloud Misconfiguration
Cloud misconfiguration occurs when cloud-based systems or services are set up incorrectly, leading to security vulnerabilities or operational issues. This can involve mistakes like leaving sensitive data accessible to the public, using weak security settings, or not properly restricting user permissions. Such errors can expose data, disrupt services, or allow unauthorised access to important resources.
SQL Injection
SQL Injection is a type of security vulnerability that occurs when an attacker is able to insert or manipulate SQL queries in a database via input fields in a website or application. This allows the attacker to access, modify, or delete data in the database, often without proper authorisation. SQL Injection can lead to serious…
Credential Stuffing
Credential stuffing is a type of cyber attack where hackers use stolen usernames and passwords from one website to try and log into other websites. Because many people reuse the same login details across different sites, attackers can often gain access to multiple accounts with a single set of credentials. This method relies on automated…
Threat Hunting
Threat hunting is a proactive cybersecurity practice where experts search for signs of hidden threats or attackers in computer systems and networks. Instead of waiting for automated tools to alert them, specialists actively look for unusual patterns or suspicious activities that might indicate a security breach. This helps organisations find and fix problems before they…
Zero-Day Exploit
A zero-day exploit is a cyberattack that takes advantage of a software vulnerability before the developer knows about it or has fixed it. Because the flaw is unknown to the software maker, there is no patch or defence available when the exploit is first used. This makes zero-day exploits particularly dangerous, as attackers can access…