Posts

Showing posts from 2023

Computer Security Incidents and their Types

Image
What is a Computer Security Incident? A computer security incident is an event related to the breach of data and security of a system due to failed protective measures. Computer security incident involves unauthorized access, use, breach, modification, or destruction of data. Types of Computer Security Incidents  Following are some types of computer security incidents: 1. Unauthorized Access Attack This type of security incident involves unauthorized access to a system by a malicious attacker or person. Cybercriminals can access the accounts of users to extract personal information like Bank details, Addresses, Contact details, etc, and use this information for causing harm. Two-factor authentication reduces the chances of unauthorized access attacks. 2. Privilege Escalation Attack This type of security incident happens when an attacker gains unauthorized access to a computer and also takes admin privileges or blocks the privileges of the original admin. This security incident allows

W3AF: Introduction, Architecture and Features

Image
What is W3AF? W3AF stands for web application attack and Audit framework. It is an open-source framework. It is an open-source framework for auditing and exploiting web applications. It provides facts about security vulnerabilities and bugs for use in penetration testing. The scanner offers a graphical user interface and a command line interface. It is written in python programming language and compatible will all major operating systems like windows, Linux, FreeBSD, etc. Architecture of W3AF The W3AF framework is divided into three parts: 1. The core coordinates the whole process and provides libraries for use in plugins. 2. The user interfaces, allow the user to configure and start scans. 3. The plugins, which find links and vulnerabilities. Features of W3AF 1. It provides web service support. 2. It exploits SQL injection (blind), O.S Commanding, remote file inclusions, local file inclusions, XSS, and more. 3. It provides good harmony among plug-ins. 4. It has a discovery plugin

Penetration Testing: Definition, Phases and Types

Image
What is Penetration Testing? A simulated cyber attack performed on a computer system to check for exploitable vulnerabilities is called penetration testing or simply pen testing. Through regular penetration testing, we can discover new vulnerabilities in the system that are missed or omitted during a vulnerability assessment. Also, this helps the organization to set up a more secure computer and network system in the working ecosystem. Phases of penetration testing 1. Planning and Reconnaissance This phase includes gathering information about the target system through public and private sources like networks, domain names, mail servers, etc. This helps the pen testers to get preliminary information about the target system. 2. Scanning In this phase, pen testers use various tools to examine the target system vulnerabilities. Pen testers can scan the application's code in a running state and how it behaves during testing. 3. Gaining access In this phase, pen testers use web applic

Life Cycle of Vulnerability Management

Image
What is Vulnerability Management? Vulnerability management is a program that addresses common cybersecurity weaknesses in an organization's software, hardware, and network. These vulnerabilities can be exploited by hackers to steal data or do a brute-force attack. Therefore, vulnerability management helps to identify, close, and track these types of vulnerabilities and prioritize them in order of high risk to low risk. Life Cycle of Vulnerability Management 1. Discover This step involves the examination of operating systems, web services, hardware, web applications, and existing security patches to discover new vulnerabilities in the computer system. 2. Prioritize After the discovery of vulnerabilities, these are prioritized based on their nature which is informational, low, medium, high, and critical. The critical vulnerabilities should be dealt with first in the order of precedence. 3. Assess Now, assess all the vulnerabilities based on their severity. For example, low-risk vu

Controlled Substance and its Acts

Image
What is Controlled Substance? A drug or any other substance which is strictly regulated by the government to prevent its abuse and addiction in normal people is known as a controlled substance. The control applies to the way the substance is manufactured, applied, managed, kept, and distributed. Control substances include opioids, stimulants, depressants, hallucinogens, and anabolic steroids. Certain controlled substances have great medical use like morphine, valium, etc they are available only by prescription from a licensed medical professional whereas other controlled substances don't have any medical applications like heroin, LSD, etc and they are completely banned in the country.  Different acts related to the regulation of controlled substances are as follows: 1. United States Controlled Substances Act Schedule 1 Drugs that have a high potential for abuse and do not have any medical application. For eg: Heroin, Lysergic acid diethylamide (LSD). Schedule 2 Drugs that lead to s

Forensic Chemistry and its Applications

Image
What is Forensic Chemistry ? Forensic chemistry is the branch of forensic science that deals with the analysis of unknown chemical substances found at the scene of the crime like explosives, drugs, accelerants, poisons, etc. Forensic chemistry helps to link these substances with the suspect through different analytical techniques like HPLC, GC-MS, AAS, IR spectroscopy, FTIR, NMR Spectroscopy, etc . Moreover, the nature of these chemicals can also be identified by performing presumptive tests at the scene of the crime itself. Application of forensic chemistry In the arson case investigation, the potential accelerants used in arson present on the debris can be analyzed through techniques like gas chromatography-Mass spectroscopy. Gunshot residue present on the scene of the crime or the clothes of the victim/suspect can be analyzed under the scanning electron microscope. Forensic chemists examine evidence like blood stains, and urine to find traces of drugs, toxins, or poisons. Paper or t

Information Warfare and it's Types

Image
What is Information warfare? Information warfare is a type of warfare that includes the use of information and communication technology to gain tactical and strategic advantage against the opponent. Information warfare technique is widely used by government or military to spread propaganda and disinformation against the opponent government or a country.  Information warfare reduces the operational cost of traditional weapons instead it utilizes the internet and network to spread disinformation into cyberspace. Types of information warfare 1. Personal Information warfare Personal information warfare is the art of obtaining the personal information of an individual without his knowledge or consent. This is done to steal personal information like name, age, work, and location and use it for unfair means methods to steal personal information are password checking, DNS attacks, malware attacks, DoS attack, etc. 2. Corporate information warfare Corporate information warfare is the act of

Cybersecurity and it's Types

Image
What is Cybersecurity? Cybersecurity is the practice of protecting computers, software, data, etc from hackers and malicious attackers. Cybersecurity is also known as Information security as all the information stored in computer and servers need to be secured.  Cybersecurity is essential because nowadays every organization like government, corporate, financial, medical, etc uses the Internet and computers. So, the chances of a security breach are high in them. Cybersecurity can be divided into the following categories: 1. Network security Network security is the process of protecting computers, mobile, etc connected to a network. For example, Network security is essential because nowadays every computer device or IoT device is connected to the internet or other Public/Private network. Hackers can use this network to penetrate these devices and compromise their security. 2. Application Security Application security is the process of protecting the computer applications like web bro

Transportation Injuries in Forensic Medicine

Image
Introduction to Transportation Injuries These injuries are blunt force injuries that happen due to traveling on the ground, air, and water. The most common transportation injuries are motor and pedestrian injuries. Following are the various transportation injuries: Types of Transportation Injuries A) Vehicular Injuries These injuries are blunt force injuries that happen due to traveling on the ground either walking and being hit by some car or simply driving a car and crashing it. Those injured by accidents can be divided into three broad groups that are pedestrians, cyclists (Pedal or motor), and the drivers/passenger of vehicles. 1. Pedestrian Injuries (i) Primary Impact Injuries These injuries are produced when any part of the victim first strikes the vehicle. Generally, when an adult is hit by the front of a car, the front bumper will strike the victim at about knee level. This will help to establish the position of the victim and in crime scene reconstruction. The position of the