user

SQL INJECTION IN CMS

Vulnerability Examples: SQL injection is an attack technique in which an attacker exploits security vulnerabilities to inject and execute arbitrary SQL statements, thereby manipulating the database to perform abnormal operations. There are attack types such as Error SQL Injection, Blind SQL Injection, and Union based SQL Injection. For example, in the code in the figure below, the […]

CROSS SITE SCRIPTING IN CMS

Cross-site scripting (XSS) is an attack method in which malicious scripts are included in a web page and run on the user’s side. For example, if an unverified external input value is used to create a dynamic web page, visitors to that web page will immediately see the attacker’s identity and information about the target web

OVERFLOW IN APPLICATION

Vulnerability Examples: An overflow vulnerability occurs when a program that uses contiguous memory space tries to read or write data to a location beyond the allocated memory range. By causing program malfunction or executing malicious code, an attacker gains the authority to control the program. Most of the vulnerabilities are caused by copying into memory without verifying the

COMMAND INJECTION IN APPLICATION

Vulnerability Examples: Command Injection is a vulnerability in which unintended system commands are executed by user input values that have not undergone proper verification procedures, which can inappropriately change user privileges or adversely affect system operation. For example, when the program is executed as shown in the figure below, a specific string

FILE DOWNLOAD IN ACTIVE X

Vulnerability Examples: File download and execution vulnerabilities refer to weaknesses that arise from the capability of ActiveX to download external files. These methods are typically employed to execute functions within ActiveX or to substitute a specific module. When a file is downloaded, the external server, file name, and local save path are provided as argument values. As

HOW TO STRATEGICALLY PREPARE FOR THE DPP LAW

Understanding The DPP Law: In the digital age, data protection has become a paramount concern for both businesses and individuals. Rwanda, cognizant of these shifting paradigms, introduced the Data Protection and Privacy (DPP) Law, setting standards and guidelines for businesses operating within its jurisdiction. Ensuring compliance with this comprehensive regulation is not just a

2023-Rwanda / Participation in the CyberTech Africa Conference held in Kigali, Rwanda

The CyberTech Africa Conference is an important cybersecurity and information technology event held annually in Africa. It brings together cybersecurity experts, IT and security solution providers, government officials and policymakers, business leaders and corporate representatives, and academic researchers from across Africa to discuss the latest technologies, trends, and challenges. WikiSecurity Co. Ltd. has maintained continuous

Feasibility Study (F/S) for Tanzania Cybersecurity Training / Certification Center Project was successfully completed.

The Tanzania ICT Commission recognizes the importance of cybersecurity at the national level, and as part of this, we are pursuing a national cybersecurity policy with great interest in fostering professional experience. The Korean government agency KISA (Korea Internet & Security Agency) and the Tanzania Government ICT Commission signed a project agreement for

The 2018 Kosovo / TAK’s Adaptive Security System Development Pilot Project has been successfully completed

“The 2018 Kosovo/TAK’s Adaptive Security System Development Pilot Project”, which was carried out for seven months from May to November for the Tax Administration of Kosovo, has been successfully completed. The Tax Administration of Kosovo, which is an agency of the Ministry of Finance of Kosovo, is responsible for all tax-related affairs, and the purpose of