Category: Cyber Attacks
Session Hijacking Attacks Explained
Today, I'll discuss "Session Hijacking" attacks. But first, we need to understand what a cookie is. What are "Cookies?"A "cookie" is nothing more than a simple text file containing an arbitrary string of characters. When you visit many of your favorite web sites, the web server stores a cookie on your HD, allowing it to ...
“150 million MyFitnessPal Accounts Compromised,” says Under Armour
As of March 29, 2018, Under Armour is reporting that 150 million MyFitnessPal accounts were compromised, leaving millions of usernames, E-mail addresses, and hashed passwords in an unauthorized third party’s hands. Due to the scope of the incident, this would be the largest data breach this year. If you re-use your MyFitnessPal password for any ...
PenTest Edition: Assessing WEP, WPS, WPA, and WPA2 Wi-Fi Networks with the “Fern Wi-Fi Cracker” Tool
Here's a fun assessment you can perform on your home network. I'm running Kali Linux 2018.1 in a virtual machine using VMware Workstation Player. My wireless network adapter is an Alfa AWUS036NHA with a 9dBi omni-directional antenna. Penetration testers may use the Fern Wi-Fi cracker as a security auditing tool to test the security of ...
DoS and DDoS Attacks: How They’re Executed, Detected, and Prevented
A DoS and a DDoS...What's the difference? A "Denial of Service," or "DoS" attack, is a category of advanced cyberattack in which a single malicious user denies legitimate users access to a service by blocking or exhausting the resources of a victim system. The DoS is commonly carried out through some form of flooding mechanism, ...
Covert Channels: How Insiders Abuse TCP/IP to Create Covert Channels
The TCP/IP protocol suite, our conceptual model we use to explain the way in which data travels across a network, contains a myriad of communication protocols. The TCP/IP protocol suite generically refers to two main protocols: TCP and UDP, but there are many other protocols, some of which can be abused to create covert channels. ...
The Cybersecurity Man 