SQL Injection

This post is for my cybersecurity students, and anyone else taking a cybersecurity class or studying for a certification exam.

From Jason Dion: “The most common type of code injection is SQL injection. An SQL injection attempts to modify one or more of an SQL query’s four basic functions: select, insert, delete, or update. Two common methods of performing an SQL injection are either using a single apostrophe (‘) or submitting an always true statement like 1=1.  As a penetration tester, you ...

Continue Reading →
17
JAN
0

certification, CISSP, Domain 7, Domain 8, education, training

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Guidance on Sharing Cyber Incident Information

Original release date: April 7, 2022

CISA’s Sharing Cyber Event Information Fact Sheet provides our stakeholders with clear guidance and information about what to share, who should share, and how to share information about unusual cyber incidents or activity.

CISA uses this information from partners to build a common understanding ...

Continue Reading →
16
APR
0

Android, CISSP, cybersecurity, Domain 8, multi-factor authentication, passwords, Rogue Security Programs, Weekend Update, wireless

,

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

You can’t keep quiet when you’re hacked anymore

If you try to hide that your business has been hacked or you’ve paid ransomware, the Cybersecurity and Infrastructure Security Agency would like a word with you.

One of the dirty little secrets of many businesses, perhaps even most, is that far more of them than ever admit to it ...

Continue Reading →
2
APR
0

APT, artificial intellegence, CISSP, cybersecurity, Domain 8, law and policy, Linux, Weekend Update

, , ,

Weekend Update

Happy New Year!!

A quick Saturday digest of cybersecurity news articles from other sources.

Serious Security: OpenSSL fixes “error conflation” bugs – how mixing up mistakes can lead to trouble

Have you ever seen the message “An error occurred”? Even worse, the message “This error cannot occur”? Facts matter!

Security and Your Phone:  What the Risks Are and How to Stay Safe

A great article and infographic ...

Continue Reading →
1
JAN
0

Android, Apple, CISSP, Domain 8, ransomware, smartphones, Software vulnerability, Weekend Update

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Bruce Schneier Edition

Excellent Write-up of the SolarWinds Security Breach

[2021.08.30] Robert Chesney wrote up the Solar Winds story as a case study, and it’s a really good summary.

This one is a must read.

Surveillance of the Internet Backbone

[2021.08.25] Vice has an article about how ...

Continue Reading →
25
SEP
0

Apple, CISSP, Domain 8, ransomware, Software vulnerability, surveillance, Weekend Update

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

How safe is a quantum-safe virtual private network?

Verizon aims to find out by testing the technology, which is geared at enhancing encryption methods using session key exchange security mechanisms, the carrier said.

What’s going on with the ‘Great Resignation’?

By Steven J. Vaughan-NicholsComputerworld
You’d better work ...
Continue Reading →
4
SEP
0

authentication, careers, CISSP, Domain 8, passwords, Weekend Update, Windows 11

, ,

Practical Tips for Securing Your Company’s WordPress Site

By Carla Lopez

Cyberattacks have been harming — and in some cases, crippling — small businesses across the globe ever since the internet became a thing, but especially over the last two years. And as security technology gets smarter and harder to crack, cybercriminals are also getting smarter and learning how to circumvent various security measures put into place. As ZenBusiness notes, “Digital tools make modern life easier, but they also invite new threats.” Hackers will go after ...

Continue Reading →
24
AUG
0

CISSP, cybersecurity, Domain 8, Security, Web Design, WordPress

Page 1 of 2 12