Cyber-Defense

CYBERSECURITY :::
Continuously changing legislation and increased usage of networks by organizations and systems represent an always-growing challenge of protecting corporate and personal data. In order to meet the increased demand on information security, we need to develop a holistic approach to both organizational and technical measures.

Our experts will support you with the following consulting services on the road to reaching a required information security level:

Implementation of Information Security Management System (ISMS) in accordance with. ISO 27001 and BSI-Baseline Protection.
Preparation and support for ISO 27001 certification and BSI basic protection.
Creating a Security Policy
Creating a security concept
Determining the actual state of the information security in your company and implementation of risk analysis systems
Implementation of organizational and technical measures
Security Awareness Education / Training
Scheduled testing and continuous improvement of ISMS
Establishing a position of an external and independent Chief Information Security Officer – CISO for controlling the security process
SQL Injection
Change of database queries by smuggling database commands in insufficiently tested input data. They are then treated within the query as part of a database command.

Insecure Configuration
Unsafe configurations such as HTML-comments containing sensitive information, insecure use of password while interpreting web pages or web applications can allow attacks on a web application.

Directory Traversal
Manipulation of paths that can be enabled by weaknesses in the Web application files and directories of the server. This can be used to get an access to sensitive data in the Web server.

Format String Exploit
Format string exploits can be used to crash a program or to execute harmful code. The problem stems from the use of unchecked user input as the format string parameter in certain C functions that perform formatting, such as “printf()”.

Metacharacter
A metacharacter is a character that has a special meaning (instead of a literal meaning) to a computer program, such as a shell interpreter or a regular expression engine. Unsafe use of characters that have a special role in the programming environment. In the absence of adaptation the web application may become vulnerable to attacks.

Filter Evasion
By cleverly inserting additional characters as zero, tab characters, or by changing character keywords can be hidden when the characters are ignored at other levels (e.g. in the browser). Alternative coding forms and fonts can also bypass filters.

Buffer Overflow
Buffer overflow is an anomaly where a program, while writing data to a buffer, overruns the buffer’s boundary and overwrites adjacent memory locations. This is a special case of the violation of memory safety.

Cross Site Scripting – XSS
The web application adds code of the attacker (e.g. JavaScript) as a seemingly harmless user input in a response page. The web browser of the victim runs the code and the attacker gains access to the web application. The code can be stored in the application (Stored XSS) or be triggered by a link (Reflected XSS).

Standard Accounts
Forgotten or unknown by the operator standard accounts with high privileges that have a given password after installing. Attackers, who got an access to such accounts, misuse this to gain access to the Web application or server environment.

HTTP Request Smuggling
The HTTP Request Smuggling attack explores an incomplete parsing of the submitted data done by an intermediary HTTP system working as a proxy. HTTP Request Smuggling consists of sending a specially formatted HTTP request that will be parsed in a different way by the proxy system and by the final system, so the attacker could smuggle a request to one system without the other being aware of it. This attack makes it possible to exploit other attacks, like Cache Poisoning, Session Hijacking, Cross-site Scripting (XSS) and most importantly, the ability to bypass web application firewall protection.

DNS Spoofing
The attacker falsifies the assignment of domain names to IP address – either locally at the client operating system or in the hierarchy of competent DNS server (cache poisoning). This diverts traffic to the attacker’s computer (or any other computer).

Session Fixation
Session fixation attacks attempt to exploit the vulnerability of a system which allows one person to fixate (set) another person’s session identifier (SID). Most session fixation attacks are web based, and most rely on session identifiers being accepted from URLs (query string) or POST data.

Sniffing
Data are read during transmission to and from web applications but are not changed. Passive attack is enabled when protocols are unencrypted or poorly secured.

Man-in-the-middle attack
Man-in-the-middle attack is an attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.

Session Hijacking
Attacker takes over a communication link between the client and Web server, after both communications partners have successfully authenticated.

Spoofing attack
In the context of network security, a spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage.

DNS Rebinding
Bypassing the same-origin policy in browsers by alternating DNS responses. By selectively switching between IP address of attacker’s and target’s machines the attacker gains indirect access to applications on the target computer because the browser considers both IP addresses belong to the same host name.

Cross-Site Request Forgery (XSRF) / Session Riding
It is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts. The attack uses the browser of the victim as a springboard in order to use its rights in relation to the web application.

Malicious content
It is an active attack code that is installed in web pages and should exploit weaknesses in the victim’s browser. If the attack is successful the browser is being abused to load further malicious code on the client PC.

Phishing
It is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.

UI Redressing/Clickjacking
Clickjacking is a malicious technique when a user clicks the link that in reality is something different from what the user perceives it.

Hidden Field Tampering
Change of data that has been cached as a hidden parameter in web forms. That enables the attacker to fake data.

Countermeasures >>> they are very complex and individual. We can consult you personally!