Which are the most scanned ports?
Eniko Toth

What is a port? Ever since computers have been able to run multiple programs at the same time and connect to modern networks, ports have been important. Three things are needed for communication between two machines: the IP address of the host, the port number, and the type of protocol (e.g. TCP, UDP). A port number is a 16-bit number between 0 and 65535. Some specific ports identify particular services, e.g. port 80 is used for HTTP communication. Types of ports: Well Known Ports: 0 - 1023; Registered Ports: 1024 - 49151; Dynamic/Private: 49152 - 65535 W...
IP spoofing: don’t let hackers deceive you
Nikolett Hegedüs

IP address spoofing is a technique used by hackers to disguise their IP address as another IP and gain access to sensitive information or access private services on authorized networks. In some special cases, they can create IP packets that contain a false source IP address and this way hide their original address or impersonate another computing system. This is possible when they have access to the router for the local network. The Internet Protocol states that all IP packets must have a header section. This section contains the IP address of the packet’s sender - and other information too,...
SQL injection examined 2/2 – Testing your apps against vulnerabilities
Ferenc Barta

In the previous part of the article, we looked at some incidents to better understand how attackers try to find SQL injection vulnerabilities. Instead of looking for other incidents, I’ve decided to write a short introduction about testing your own application using publicly available automatic tools. Constantly searching for vulnerabilities in your web applications and services is vital. Most of the time, such systems are exposed to the Internet and it is certain that sooner or later, someone will try to exploit their vulnerabilities. Environment We’ll use a popular too...
New IoT botnet captured by BitNinja
Anita Batari

We always keep our eyes on the logs, data, and charts. We always see abnormalities and unusual behaviours, and we have found botnets before, but our recent catch is one of the biggest. These cases are really hard to handle due to the huge number of affected IPs. On the evening of 14th June, we saw something strange: the average incident number increased by nearly 200%. But that was just the beginning; later on, there was a period when we received over five times more incidents. After 24 hours, we had four times more data than on an average day. We have captured a new botnet, which attacke...
Ransomware: what is it and why is it dangerous?
Nikolett Hegedüs

Let’s start with the definition. Ransomware is a kind of malware that installs itself onto an unprotected computer, encrypts some files, and asks for a certain amount of money for decryption or to not publish certain sensitive information online. It is called a denial-of-access attack and it can be very frustrating because you know that the files are there but you can’t access them. There are two types of ransomware attacks: Simple ransomware or lockscreen, where the system is locked. The attack is more serious if the files are really encrypted. It is called a file co...
SQL Injection examined 1/2
Ferenc Barta

Relational database, SQL, SELECT

SQL is a language designed for the manipulation of relational databases and for the retrieval of information from that database. A relation most commonly looks like a chart, which can be, for example, an article.

ARTICLES
ID   Title   Text
1    DoS     abc1
2    DDoS    abc2...
WordPress, Curse or Blessing?
Mariann Csorba

WordPress is the most commonly used blog engine, which is free to use and open source. It is used mainly for the operation of websites, blogs and webshops. If your purpose is to have a great website in the blink of an eye, which you are able to develop later in parallel with the change of unique demands, you have found the best solution. Why is it a blessing? As it gets more and more successful, the number of developers and supporters grows proportionately. They constantly look for bugs and vulnerabilities, and they report and fix them. It is easy to use, so laymen can al...