Blog

Session Hijacking and Other Session Attacks

Session Hijacking and Other Session Attacks

Session IDs are a tasty treat for malicious hackers Once an attacker gets their hands on a session ID, they can get unauthorized access to a web application and fully impersonate a valid user In general, there are three primary methods to obtain a valid session ID: Guessing a valid session ID (session prediction)Creating a valid session ID and tricking the user into using it (session fixation)Obtaining a valid...

Read More →

What is fleeceware and why should you care?

What is fleeceware and why should you care?

Malware Adware Ransomware So many “wares” thrown around these days in the world of cybersecurity The latest addition to this list is known as ‘fleeceware’ The term was coined by UK cybersecurity firm Sophos in September 2019 This was following the firm’s discovery of a new type of financial fraud on the Google Play Store Fleeceware refers to situations where app developers manipulate loopholes in the...

Read More →

Beefing up your security for 2020

Beefing up your security for 2020

It’s the dawn of a new decade As we look to a year of promise and excitement, its probably a good idea to pay a bit more attention to cybersecurity Most of our modern activities revolve around technology It makes sense to take security a bit more seriously So, here’s a list of things you could look to implementing to upgrade your security experience in 2020 Passwords Let’s start with the obvious one...

Read More →

What are bug bounty programs and why should corporates care about them?

What are bug bounty programs and why should corporates care about them?

You might have heard of it before and might not be sure what it’s about exactly But bug bounty programs remain an important and effective part of cybersecurity, particularly for companies So what is a bug bounty program How does one help cybersecurity Here’s what you need to know The first known bug bounty program was in 1983 by Hunter & Ready At the time, the program offered a Volkswagen Beetle who found...

Read More →

HTTPS alone won’t save your website from hacks

HTTPS alone won’t save your website from hacks

Getting an SSL certificate is one of the first and important things when it comes to website security But often, it is assumed that this alone will suffice in protecting your website An HTTPS website does enhance a website’s security But it will not singlehandedly keep your website out of harm’s way What is HTTPS In simple terms, HTTPS is the secure version of the HyperText Transfer Protocol (HTTP) This...

Read More →