Domain Name Server (DNS) spoofing is a cyberattack in which an attacker directs the victim’s traffic to a malicious site (instead of a legitimate IP address). Attackers use DNS cache poisoning to intercept Internet traffic and steal credentials or confidential information. DNS cache poisoning and…

KRACK (Key Reinstallation Attacks) attacks were reported several years ago. The so-called tools that allow you to exploit critical vulnerabilities in the WPA2 protocol, which are considered quite reliable. KRACK allows you to bypass security and listen to traffic in a wireless network at the…

Layer 7 DDoS attacks (application layer) are the easiest way to disable a website and harm your business. Unlike attacks at other tiers, where a powerful stream of network traffic must be set up to fail a site, attacks at tier 7 can proceed without…

After extensive testing, GitHub made it publicly available to scan code for vulnerabilities. Anyone can run a scanner on their own repository and find vulnerabilities before they go to production. The scanner works for repositories in C, C ++, C #, JavaScript, TypeScript, Python and…

TCP SYN-ACK amplification and other protocols The growth of the IoT market, among other things, means that attackers can exploit vulnerable devices if they wish, creating a significant attack bandwidth – as happened in the middle of the year when the WSDD protocol was used…

The main mistake in the implementation of GDPR is to rely on the strength and resources of only one person. A common practice is to expect independent work on the Rules from a lawyer. In such a situation, if he doesn’t have enough serious position…

Aqua security Website: www.aquasec.com License: commercial This commercial tool is designed for containers and cloud workloads. It provides: Image scanning integrated with the container registry or CI / CD pipeline; Runtime protection with the search for changes in containers and other suspicious activity; Native container…