Posts

Showing posts from February, 2022

Cross-site scripting (XSS)

Cross-site scripting (XSS) is a type of injection attack in which an attacker uses a malicious script. Cross-site scripting has two stages: first, the attacker finds a way to inject malicious code into a web page the victim visits; then the victim must visit the web page containing the malicious code. If the attacker is targeting a specific victim, social engineering or phishing can be used to send malicious URLs to that victim.

https://thehackernews.com/2022/02/9-year-old-unpatched-email-hacking-bug.html

SQL injection

SQL injection is a code injection technique used to attack databases or data-driven applications. SQLi is short for SQL injection. SQLi exploits a security vulnerability in an application's software. This technique is the most common web hacking technique. It usually happens when the user is asked for input. Direct SQL command injection is a technique where an attacker creates or alters existing SQL commands to expose hidden data, override valuable data, or even execute dangerous system-level commands on the database host.

https://www.acunetix.com/websitesecurity/sql-injection/
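The following is an added example, not code from the original post. It shows a query built by string concatenation exposing hidden rows when the input alters the SQL command, next to the parameterized form that treats the same input as data. The table, rows, function names and input string are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE notes (owner TEXT, body TEXT, hidden INTEGER)")
    conn.executemany(
        "INSERT INTO notes VALUES (?, ?, ?)",
        [("alice", "public note", 0),
         ("alice", "private draft", 1),
         ("bob", "bob's secret", 1)],
    )
    return conn

def notes_vulnerable(conn, owner):
    # Vulnerable: user input is pasted into the SQL text, so quote
    # characters in `owner` can change the structure of the command.
    sql = "SELECT body FROM notes WHERE owner = '" + owner + "' AND hidden = 0"
    return [row[0] for row in conn.execute(sql)]

def notes_parameterized(conn, owner):
    # Hardened: the SQL text is fixed; the driver passes `owner` as data only.
    sql = "SELECT body FROM notes WHERE owner = ? AND hidden = 0"
    return [row[0] for row in conn.execute(sql, (owner,))]

# Constructed input: closes the string literal, adds an always-true
# condition, and comments out the rest of the original WHERE clause.
CRAFTED = "x' OR 1=1 --"

if __name__ == "__main__":
    conn = make_db()
    print("normal input:       ", notes_vulnerable(conn, "alice"))
    print("crafted, vulnerable:", notes_vulnerable(conn, CRAFTED))
    print("crafted, hardened:  ", notes_parameterized(conn, CRAFTED))
```

With the concatenated query the `hidden = 0` filter is bypassed and every row comes back; with the placeholder the crafted string is compared literally against `owner` and matches nothing.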

What is rooting and jailbreaking

Rooting

Android is an operating system based on the Linux kernel. The system admin in Linux is called "root." That's where the name is derived from. Rooting is a process that allows Android users to have admin privileges over the operating system. This allows you to uninstall any application from the phone, especially the ones that come with the phone, or the "bloatware". You can also update to later system versions or install a custom ROM. It also enables some applications to have temporary root access.

Jailbreaking

Apple built iOS based on BSD, a UNIX-like operating system. Unlike Android, Apple doesn't allow users to download and use applications that are not official; users can only download applications from the App Store. This has a huge security benefit, since every app on the App Store is verified and approved by Apple. Jailbreaking is used to install applications from outside the App Store. Jailbreaking is only used to remove some restrictions present in the software. ...

What is DDoS?

I recently read this article saying that Microsoft defended against a 3.47TB DDoS attack. This fact makes me ask: what is DDoS? A Denial-of-Service (DoS) attack is an attack meant to shut down a network, making it inaccessible to its intended users. It floods the target with traffic and deprives the main users of access to the resource.

There are two general methods of DoS attacks: flooding services or crashing services.

Flooding - the flood occurs with a great deal of traffic for the server to buffer.

Crashing/Buffering - in this type of exploit, the adversary drives more traffic to a network address than the system is capable of handling. This causes the machine to consume all available buffers, or memory storage regions that temporarily hold data while it is being transferred within the network.

Modern security technology is capable of defending against these attacks; we can cite Microsoft's records as an example.

https://arstechnica.com/information-technology/2022/01...