Secure coding practices are a set of guidelines and techniques used by software developers to write code that protects applications from security threats. These practices help to prevent vulnerabilities, such as data leaks, unauthorised access, or malicious attacks, by making sure the code is robust and safe. Developers follow secure coding practices throughout the software…
Category: InfoSec
Session Fixation
Session fixation is a type of security vulnerability where an attacker tricks a user into using a specific session ID. If the web application does not properly generate a new session ID after login, the attacker can gain access to the user’s session. This means the attacker can impersonate the user and access private information…
Social Engineering Attack Vectors
Social engineering attack vectors are methods used by attackers to trick people into giving away confidential information or access. Instead of hacking computers directly, these attacks target human behaviour, using manipulation and deception. Common vectors include phishing emails, phone scams, and impersonation, all aiming to exploit trust or curiosity.
Cyber Kill Chain
The Cyber Kill Chain is a model that breaks down the steps attackers typically take to carry out a cyber attack. It outlines a sequence of stages, from the initial research and planning to the final goal, such as stealing data or disrupting systems. This framework helps organisations understand and defend against each stage of…
File Integrity Monitoring (FIM)
File Integrity Monitoring (FIM) is a security process that checks and tracks changes to files on a computer system or network. It helps ensure that important files, such as system configurations or sensitive data, are not changed without authorisation. FIM tools alert administrators if files are modified, deleted, or added unexpectedly, helping to detect potential…
Log Injection
Log injection is a type of security vulnerability where an attacker manipulates log files by inserting malicious content into them. This is done by crafting input that, when logged by an application, alters the format or structure of log entries. Log injection can lead to confusion during audits, hide malicious activities, or even enable…
Incident Response Plan
An Incident Response Plan is a set of instructions and procedures designed to help an organisation prepare for, detect, respond to, and recover from unexpected events that could harm its operations or data. These events might include cyberattacks, data breaches, or other security incidents. The plan outlines roles, communication steps, and actions to limit damage…
Digital Forensics
Digital forensics is the process of collecting, analysing, and preserving digital evidence from computers, mobile devices, and other electronic systems. This evidence is used to investigate crimes or security incidents involving technology. The goal is to uncover what happened, how it happened, and who was responsible, while maintaining the integrity of the data for legal…
OAuth Vulnerabilities
OAuth vulnerabilities are security weaknesses that can occur in applications or systems using the OAuth protocol for authorising user access. These flaws might let attackers bypass permissions, steal access tokens, or impersonate users. Common vulnerabilities include improper redirect URI validation, weak token storage, and insufficient user consent checks.
Kerberos Exploitation
Kerberos exploitation refers to techniques used by attackers to abuse weaknesses or misconfigurations in the Kerberos authentication protocol. Kerberos is widely used in Windows environments to manage secure logins and resource access. Attackers can exploit vulnerabilities to gain unauthorised access, impersonate users, or escalate their privileges within a network.