Privilege escalation, in simple words, means getting privileges to access something that should not be accessible. Attackers use various privilege escalation techniques to access unauthorized resources. For web application security, privilege escalation is an important concern because web intrusions are usually only the first stage…
Author Archives Tomasz Andrzej Nidecki
Tomasz Andrzej Nidecki Technical Content WriterLinkedIn: https://mt.linkedin.com/in/tonid
Tomasz Andrzej Nidecki (also known as tonid) is a Technical Content Writer working for Acunetix. A journalist, translator, and technical writer with 25 years of IT experience, Tomasz has been the Managing Editor of the hakin9 IT Security magazine in its early years and used to run a major technical blog dedicated to email security.
7 Web Application Security Best Practices
To maintain the best possible security stance and protect your sensitive data against unauthorized access, you cannot just buy security products. Here is a list of seven key elements that we believe should be considered in your web app security strategy. 1. Include Everyone in…
How Does IoT Security Relate to Web Security
Smart devices, which are part of the IoT ecosystem (Internet of Things), are not only increasingly prevalent at homes. They also find their way into businesses of all sizes including enterprises. Unfortunately, the cybersecurity of IoT devices leaves a lot to be desired and is…
Whitepaper: The Future Is the Web! How to Keep It Secure?
The web is everywhere and it’s not an exaggeration. More and more application manufacturers move from dedicated desktop interfaces to web interfaces. You are probably using a web-based email system. Chances are that you are creating your documents using a web platform. If you develop…
What Is SEO Poisoning (Search Engine Poisoning)
Search engine optimization poisoning (SEO poisoning) is a term used to describe two types of activities: Illegitimate techniques used to achieve high search engine ranking, usually (but not only) to attack visitors Exploiting vulnerabilities on existing high-ranking web pages and using them to spread malware…
Common Password Vulnerabilities and How to Avoid Them
Weak passwords and password reuse are still some of the most serious concerns for cybersecurity. There are several ways to increase password security but they are often not adopted by users and administrators. Here’s how you can make sure that sensitive data in your web…
How To Build a Cyber Incident Response Plan
No matter how well you manage your cybersecurity, there is always a chance that you will become a victim of a cyber attack. That is why every organization, no matter the size, should be prepared to react to a cyber incident. The key element of…
What Is DNS Cache Poisoning
DNS cache poisoning is a type of DNS spoofing attack where the attacker stores fake data in a DNS resolver cache. All clients that use this DNS cache receive such fake data. It can be used for very effective phishing attacks (often called pharming) and…
Cybersecurity Trends 2019 – Web Security
The year 2019 so far has seen its share of major security and data breaches. Unsurprisingly, they were not caused by new cybercriminal techniques but by the same ones that have plagued information security for up to two decades. Social engineering and cyberattacks on web…
Data Breaches Due to Exposed Databases
The recent massive breach of sensitive Ecuador population data is yet another case, where there was no actual hack involved. The data owner, an Ecuadorian company Novaestrat, simply left an unsecured Elasticsearch database exposed on a publicly accessible server in Miami. The database contained data…