How Dangerous is SQL Injection?
A good tutorial on basic SQL injection (without a tool): http://www.kalitutorials.net/2014/03/sql-injection-how-it-works.html Notice the bottom entry user-id field: ‘ OR 1= 1; /* and in password field: */– As it states in…
Training the Next Cybersecurity Professionals
http://www.darkreading.com/operations/educating-the-cyberwarriors-of-the-future/a/d-id/1319590 Jeff Shilling opines that we need more experienced people in the Cybersecurity field. As usual the issue is senior-level execs do not fully understand all the ramification differences with…
Fake Apps Fooling Thousands
It is worthwhile to discuss fake apps: http://www.hotforsecurity.com/blog/dont-be-fooled-bitdefender-anti-prank-tool-does-not-exist-11664.html There are “fake” apps which claim to be anti-virus or other legitimate apps (like games) but in reality are stealing your information…
Testing Website With OWASP ZAP
The Google code website link: https://code.google.com/p/zaproxy/ Here is an interesting bit of info (from the link above): ZAP came second in the Top Security Tools of 2014 as voted by…
Insider Knowledge Threats and Action
We know insider trading is bad – even though we all want the money, the info to know that there will be good news before the news becomes public is…
