Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. There is another definition for this attack. We can say Phishing is the fraudulent use of electronic communications to deceive and take advantage of users. Phishing attacks attempt to gain sensitive, confidential information such as usernames, [...]
A network firewall is a network security device that monitors incoming and outgoing network traffic. Firewalls are a first line of defense in network security. Firewall purpose is to establish a barrier between your internal network and incoming traffic from external sources (such as the internet) in order to block malicious traffic like viruses and [...]
Cyber security is the practice of protecting systems, networks, and programs from digital attacks. It's also known as information technology security or electronic information security. Cyber-attacks are often aimed at accessing, changing, or destroying sensitive information. Final goal of these attacks is extorting money from users, or interrupting normal business processes in organizations, governments and [...]
These days, confidence attacks and romance fraud attacks are very common. An attacker deceives a victim into believing the attacker and the victim have a trust relationship, whether family, friendly or romantic. So, victim will trust to attacker. At this time, the attacker asks the victim to send money to the attacker. Or the victim may [...]
Pharming is a type of cyber crime. It is very similar to phishing attacks. The Pharming attacks to name resolution process. However, There is a DNS server in each network. In fact, each computer has its local DNS service. A pharming attack uses two way for attack to this process: First Way More about hosts [...]
Assess Security Impact of Acquired Software When an organization combines with or purchases another organization, the acquired source code, repository access and design, and intellectual property should analyze and review to assess security. Also, the phases of the development cycle should review. There are some use cases that bear further discussion: Open source: Never [...]
Assess the Effectiveness of Software Security In this section of this tutorial, we'll take a look at assessing the effectiveness of software security . These days, one of the most important aspects of cyber security is assessing the effectiveness of application security. Once the application is ongoing and software has been programmed, the next [...]
Identify and Apply Security Controls in Development Environments Organizations must be able to take multiple levels of risk mitigation to protect the code, as well as the applications. In this section of this tutorial, we'll take a look at security controls in development to help you understand the different aspects of security controls in [...]
Understand & Integrate Security in the Software Development Life Cycle (SDLC) SDLC of course sometimes called software development methodology (SDM) also. Anyway, SDLC refers to all the steps required to develop software and systems from conception through implementation, support, and (ultimately) retirement. These days, one of the most important aspects of cyber security is [...]