To harden a computer system means to make it more difficult for a malicious hacker to attack. In formal terms, system hardening means reducing the attack surface – the attack surface is the combination of all the points where an attacker may strike. Many computer…
Author Archives Tomasz Andrzej Nidecki
THE AUTHOR
Tomasz Andrzej Nidecki
Technical Content Writer
Technical Content Writer
nginx Security: How To Harden Your Server Configuration
Currently, nginx is the most popular web server, recently beating Apache. It is lightweight, fast, robust, and supports all major operating systems. It is the web server of choice for Netflix, WordPress.com, and other high traffic sites. An nginx server can easily handle 10,000 inactive…
What Is Website Security – How To Protect Your Website from Hacking
You protect your every office computer with an antivirus. You install firewalls to prevent unwanted access to your network. But what do you do to protect your website? And what can happen if it’s not protected? This article is aimed at website owners that are…
What Is the POODLE Attack?
The POODLE attack (Padding Oracle on Downgraded Legacy Encryption) exploits a vulnerability in the SSL 3.0 protocol (CVE-2014-3566). This vulnerability lets an attacker eavesdrop on communication encrypted using SSLv3. The vulnerability is no longer present in the Transport Layer Security protocol (TLS), which is the…
What Is the BEAST Attack
BEAST stands for Browser Exploit Against SSL/TLS. It is an attack against network vulnerabilities in TLS 1.0 and older SSL protocols. The attack was first performed in 2011 by security researchers Thai Duong and Juliano Rizzo but the theoretical vulnerability was discovered in 2002 by…
Most Common Security Vulnerabilities – Acunetix Web Application Vulnerability Report 2020
Every year, Acunetix brings you an analysis of the most common web security vulnerabilities and network perimeter vulnerabilities. Our annual Web Application Vulnerability Report is based on real data taken from Acunetix Online. We randomly select websites and web applications protected using our software, anonymize…
Even the Mightiest Fall: An SQL Injection in Sophos XG Firewall
Do you really think you are safe from web vulnerabilities or that they are just minor problems? A few days ago Sophos, one of the world’s most renowned security companies, found an SQL Injection in their product. What is worse, they found the vulnerability because…
NoSQL Injections and How to Avoid Them
A NoSQL injection vulnerability is an error in a web application that uses a NoSQL database. This web application security issue lets a malicious party bypass authentication, extract data, modify data, or even gain complete control over the application. NoSQL injection attacks are the result…
Debunking 5 Cybersecurity Posture Myths
Small and medium businesses have it hard when it comes to cybersecurity posture. The cybersecurity gap hits them the hardest because most security experts would rather choose different work environments. Young security enthusiasts are in high demand. However, instead of SMBs, they usually prefer to…
How to Defend against Black Hat Hackers during the COVID-19 Pandemic
The SARS-CoV-2 coronavirus outbreak and the COVID-19 illness are instrumental for cybercriminals. Both businesses and private users are a major cyberattack target due to chaos and panic that surrounds the coronavirus pandemic. Here is what we believe that organizations should do to maintain a high…