ক্রস-সাইট স্ক্রিপ্টিং (Cross-site scripting) কি? ক্রস-সাইট স্ক্রিপ্টিং (XSS) এক ধরনের কোড ইঞ্জেকশন আক্রমণ যা আক্রমণকারীকে অন্য ব্যবহারকারীর ব্রাউজারে ক্ষতিকর জাভাস্ক্রিপ্ট কোড চালনার সুযোগ দেয়। এ ধরনের আক্রমণের ক্ষেত্রে সাধারণত আক্রমণক্রারী, ব্যবহারকারীর ব্যবহৃত ওয়েবসাইটের কোন নিরাপত্তা দুর্বলতাকে কাজে লাগিয়ে ব্যবহারকারীর ওয়েব ব্রাউজারে ক্ষতিকর জাভাস্ক্রিপ্ট কোড পাঠায়। ব্যবহারকারীর ওয়েব ব্রাউজারে এই ক্ষতিকর জাভাস্ক্রিপ্ট কোড ওয়েবসাইটের অন্যান্য স্বাভাবিক কোডের মতই চালিত হয় এবং আক্রমণকারীকে তার কাংখিত ফলাফল পেতে...
Read More
DESCRIPTIONMultiple vulnerabilities have been discovered in Adobe Acrobat and Adobe Reader, the most severe of which could allow for arbitrary code execution. Adobe Acrobat is a family of software developed by Adobe Inc. to view, create, manipulate, print, and manage files in PDF format. Adobe Reader is the free version within the Adobe Acrobat family of software. Successful exploitation of the most severe of these...
Read More
DESCRIPTIONMultiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution within the context of a privileged process....
Read More
On 1st November 2020 Cyber Wales, an UK based cyber security organization, has arranged a webinar to celebrate UAE’s Flag Day, a national campaign to honor the country’s past, present and future. Flag Day is celebrated on November 3, the anniversary of HH Sheikh Khalifa bin Zayed Al Nahyan becoming the president of the UAE in 2004. Objective The aim of sessions is for Cyber...
Read More
DESCRIPTIONOctober 23 – UPDATED: Multiple vulnerability has been discovered in Cisco Adaptive Security Appliance and Firepower Threat Defense, which could allow for a denial of service condition. Cisco Adaptive Security Appliance is the core operating system that delivers enterprise-class firewall capabilities and Cisco Firepower Threat Defense is an integrative software image. Successful exploitation of this vulnerability could allow an attacker to cause denial-of-service condition. IMPACTMultiple...
Read More
Security Intelligence is the collection, evaluation, and response to data generated on an organization’s network undergoing potential security threats in real-time. This platform was developed from log management, SIEMs, NBADs, and network forensics. As cybersecurity threats and attacks continue to grow and evolve, advanced security solutions are more important than ever, with security intelligence leading the way. [1] Key Principles Real-time analysis Pre-exploit analysis Collection,...
Read More
DESCRIPTIONMultiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could view,...
Read More
