Briskinfosec Blogs - Guide of Cybersecurity Trends & Insights Information-Security

Book Free Consultation

Growing Data Breaches And The Best Ways To Be Safe From Them

Data breaches – Unarguably, it’s a word that’s roaring predominantly and endlessly in each and every part of this digital world, without any precincts.

Critical Corporate Cyber Security Risks-A Data-Driven List

It is a well-known fact that most of the corporate organisations have been the target of black-hat hackers and hacktivist groups, and they were experiencing data breaches, server compromise etc.

Evolution of Ransomware and the trends in 2020

Nowadays the biggest danger that we come across and also something that we are about to face in future is The cyber threat the crime that happens via internet and technology.

How to become ethical hacker and shine like stars?

One of the fastest growing information technology careers is Ethical hacking.

Why Cloud Forensics Fail?

Digital Forensics is the field of forensic science that is concerned with retrieving, storing and analyzing electronic data that can be useful in criminal investigations. This includes information from computers, hard drives, mobile phones

CWE-79 Improper Neutralization Of Input During Web Page Generation Cross-Site Scripting

Cross-site scripting (XSS) is one of the most prevalent, obstinate, and dangerous vulnerabilities in web applications.

Cross Site Port Attack XSPA

A web application is helpless against Cross Site Port Attack if it forms client provided URL’s and does not disinfect the backend reaction obtained from remote servers previously while sending it back to the client.

CRLF Injection Attack

The term CRLF refers to Carriage Return (ASCII 13, , \r) Line Feed (ASCII 10, , \n). Carriage Return means the end of a line, and Line Feed refers to the new line. In more simple words, both of these are used to note the end of a line.

SQL Injection -Using Burp Suite

SQL injection is an attack when an attacker persuades to “inject” his harmful/malicious SQL code into someone else’s database, and force that database to run his SQL

Host Header Attack

Most commonly many web servers are configured in such a way, to hosts several websites or web applications on the same IP address. That’s why the Host Header Injection occurs.

Command Execution Attacks on Apache Struts server CVE-2017-5638

Apache Struts is a free, open-source, MVC framework for creating elegant and modern Java web applications.

Docker Security Best Practices

Docker is a software platform that enables the development and deployment of containerized applications and services.It is a Platform as a Service (PaaS) that uses the host OS Kernel instead of hypervisors like VirtualBox. Docker containers contain all of the dependencies.

Does your application Hosted on the cloud is really secure?

For many years, security has been a key issue whenever data has be placed online, and the rise of cloud computing hasn't done much to ease people's fears. In reality, it had the opposite effect on many people.

What Are Security Headers and How Can We Implement Them For our Website?

When a browser asks a web server for a page, the server sends back the page's content along with headers. Some headers have meta-data about the content,

How to save yourself from Phishing attacks? A quick guide

Phishing is a type of social engineering attack used to obtain sensitive information from users, such as login credentials and credit card information.It

Drupal Core Remote Code Execution Vulnerability: CVE-2019-6340

Drupal is one of the most popular open source Content Management System (CMS) meant for developing, designing etc.

Top Trending Web app security Vulnerabilities

For a long time in the cyber security world, Web applications are subjected to various kinds of security vulnerabilities because of the increase in its usage and the use of dynamic web application technologies

Cyber Security Products Vs Cyber Security Services

Information has become the most valuable asset in today’s trend. There are many protective methods that are followed by many countries and organizations for ensuring consistent workflow.

What Do You Need To Know About Cyber Kill Chain?

The Cyber Kill Chain framework is a part of the Intelligence driven defense model for identification and prevention of cyber intrusion activities (i.e. Hack or Breach).

Microsoft MSHTML Remote Code Execution Vulnerability - CVE -2021-40444

Microsoft has disclosed a zero-day vulnerability, CVE-2021-40444, which allows malicious code to be executed remotely on users' system

CWE-78 Improper Neutralization Of Special Elements Used In An OS Command Injection

OS command injection is a technique used via a web interface in order to execute OS commands on a web server. The user supplies operating system commands through a web interface in order to execute OS commands.

Security Flaws in Third Party Apps

One thing that you have to remember is that outside parties such as auditors, customers don’t care how vulnerabilities got into your environment. Even if your hands are tied, application security flaws can and likely will .

Cyber-Security in Automotive Industry

Modern cars have dozens of computers onboard, and they are not just for running GPS or playing music. Computers monitor and control nearly every system on your vehicle, including steering.

Importance of Cyber Hygiene in Financial sectors

The Center for Internet Security (CIS) and the Council on Cyber Security (CCS) defines cyber hygiene as a means to appropriately protect and maintain IT systems and devices and implement cyber security best practices.