Session riding can be one of the more challenging attack types to guard against. In this video, you’ll learn how XSRF works and how the bad guys can manipulate a vulnerable application for their own gain. << Previous Video: Cross-site Scripting Next: Privilege Escalation >> The cross-site request forgery attack is sometimes called a one-click […]
Cross-site Request Forgery – CompTIA Security+ SY0-501 – 1.2 Read More »
If you can convince a browser to run a script, then you can control a significant amount of a user’s working environment. In this video, you’ll learn about cross-site scripting and how XSS attacks can be used to steal right from under our noses. << Previous Video: Data Injection Next: Cross-site Request Forgery >> Cross-site
Cross-site Scripting – XSS – CompTIA Security+ SY0-501 – 1.2 Read More »
One way to get malicious data into an application is for the bad guys to put it there themselves. In this video, you’ll learn about data injections and how they can be used to control you and your data. << Previous Video: Buffer Overflows Next: Cross-site Scripting >>–> The ideal operation of most applications is
Data Injection – CompTIA Security+ SY0-501 – 1.2 Read More »
A badly written application can open the door to mischief. In this video, you’ll learn how a single buffer overflow can disrupt the security of an operating system. << Previous Video: Man-in-the-Middle Next: Data Injection >> As you’re probably aware, the applications that we’re using store everything that they need in the memory of your
Buffer Overflows – CompTIA Security+ SY0-501 – 1.2 Read More »
If an attacker can sit between you and your data, they’ll have access to a wealth of information. In this video, you’ll learn about man-in-the-middle attacks and what you can do to prevent them. << Previous Video: Denial of Service Next: Buffer Overflows >> We usually consider our network communication to be private. We’re communicating
Man-in-the-Middle – CompTIA Security+ SY0-501 – 1.2 Read More »
If your services aren’t working, then you are effectively out of business. In this video, you’ll learn how denial of service attacks are used to prevent access to your important business systems. << Previous Video: Principles of Social Engineering Next: Man-in-the-Middle >>–> A denial of service is when the bad guys are taking a service
Denial of Service – CompTIA Security+ SY0-501 – 1.2 Read More »
Someone who’s well-versed in social engineering can easily talk their way into your network. In this video, you’ll learn about social engineering principles and what you can look for to protect against these attacks. << Previous Video: Watering Hole Attacks Next: Denial of Service >> Social engineering is a very low tech form of a
Principles of Social Engineering – CompTIA Security+ SY0-501 – 1.2 Read More »
If your network is secure, the bad guys might try to find an opening at the local watering hole. In this video, you’ll learn about watering hole attacks and how some real-world watering holes were poisoned by the bad guys. << Previous Video: Hoaxes Next: Principles of Social Engineering >> Let’s say you’ve been working
Watering Hole Attacks – CompTIA Security+ SY0-501 – 1.2 Read More »
A fake attack can consume as many resources as a legitimate security breach. In this video, you’ll learn about hoaxes and how they can fool your users out of their money and data. << Previous Video: Shoulder Surfing Next: Watering Hole Attacks >> In IT security, we tend to spend a lot of time dealing
If it’s on your screen, others can see it. In this video, you’ll learn about shoulder surfing and what you can do to protect yourself against prying eyes. << Previous Video: Dumpster Diving Next: Hoaxes >> At some point during your day, the information that’s on your computer screen is probably going to be pretty
Shoulder Surfing – CompTIA Security+ SY0-501 – 1.2 Read More »
