Blog

In late 2017, Google released a warning for DoubleClick platform users about a design flaw that leaves their websites vulnerable to cross-site scripting (XSS) attacks from third-party vendors.This wasn't the first time Google Ads has had problem, but those are usually coming at us from the admin side. This is a design flaw that degrades UX by hijacking the script mid-session.Cross-site scripting issues aren't new. They aren't even the biggest digital marketing story of the year; this type of …

Cybercrime is in many ways the perfect crime: low risk, scalable, and highly profitable. As more of our lives migrate online, attacks on our cybersecurity by the agile, globalized, and outsourced cybercrime industry show no signs of slowing down.Billions of people were affected by data breaches and cyber attacks in 2018, including up to 500 million Marriott customers. Incidents of cryptojacking (hijacking servers to mine cryptocurrency) experienced a meteoric rise, but those attacks dropped o …

The first known DDoS attack was carried out in the year 2000 by a 15-year-old boy named Michael Calce, according to Norton, and was used to temporarily bring down huge websites like Yahoo, CNN, and eBay, causing an error message like the image displayed above.This brand of attack has been on the rise ever since.Who Launches DDoS Attacks and Why?Though DDoS attacks have grown in their power and sophistication, basic DDoS attacks can be carried out by almost anyone. Regular people can pay for D …

SQL Injection can be used in a range of ways to cause serious problems. By levering SQL Injection, an attacker could bypass authentication, access, modify and delete data within a database. In some cases, SQL Injection can even be used to execute commands on the operating system, potentially allowing an attacker to escalate to more damaging attacks inside of a network that sits behind a firewall.SQL Injection can be classified into three major categories – In-band SQLi, Inferential SQLi and O …

SQL Injection (SQLi) is a type of an injection attack that makes it possible to execute malicious SQL statements. These statements control a database server behind a web application. Attackers can use SQL Injection vulnerabilities to bypass application security measures. They can go around authentication and authorization of a web page or web application and retrieve the content of the entire SQL database. They can also use SQL Injection to add, modify, and delete records in the database.An S …