In this article, we explain what Passive Vulnerability Detection (PVD) is, provide an overview on the PVD methodologies and discuss its relative strengths and weaknesses as compared to the Active Vulnerability Scanning (AVS).
In this post, we explain what CVE (Common Vulnerabilities and Exposures) is, what the CVE states are, how to request a CVE ID and search for CVE records in the NVD.
In this article, we first briefly give the background information on cyber threats and cyber threat actors and then list prominent Advanced Persistent Threat (APT) groups.
In this article, we explain how to search for files in Linux from the Command Line Interface (CLI).
Sometimes, a technical attack such as brute forcing passwords, introducing malware into the systems or exploiting software/hardware based vulnerabilities remotely is not the easiest way to gain access to an IT infrastructure or a person’s accounts. Rather, it is manipulating the weakest link in the cyber security chain, i.e., humans, via a number of social interaction means.
Patch Tuesday is an unofficial term used to refer to the scheduled updates rolled out on Tuesdays by Microsoft to fix for known bugs in the Windows operating system and the other Microsoft products.
In this article, we explain the password attack methods that the attackers use frequently to compromise individual accounts and gain unauthorized access on systems.
Terms such as zero-day vulnerability, exploit and attack are often used interchangeably though they do not convey the same meaning. Find out more in our article to learn what these terms specifically mean.
SSL Stripping is a form of a man-in-the-middle (MITM) attack that downgrades a secure HTTPS connection to HTTP and exposes users to eavesdropping and data manipulation. In this article, we discuss how attackers can conduct SSL stripping attacks and provide an overview on the proposed mitigative countermeasures.