Qadit Systems Qadit's SecureITy Zone

Information is power. Secure IT.

Archive for May, 2009

Tech Terminology Demystified – SQL Injection

SQL injection is an attack on a web server which targets the database the web application is talking to. The aim of the attack is to trick the database server into running queries constructed by the attacker. These attacks can even cause database update or delete transactions to be executed.

Did you know that 852 Indian Websites were defaced in April 2009?

A wrap-up of some recent interesting information security news

Indian Websites defaced

As per the official information released by CERT-In (the Computer Emergency Response Team operating under the Department of Information Technology, Govt of India), 47 Indian websites were hacked in Feb 2009, while 46 Indian websites were hacked in March 2009.

This figure has jumped to an alarming 852 Indian websites in April 2009.

Refer to the report at

www.cert-in.org.in/knowledgebase/SecurityBulletin/cisb-Apr09.htm

Webscarab – A Beginner’s Guide

An HTTP proxy can help you analyse the data that is sent back and forth between your browser and the websites you visit. It sits between your browser and the website you are visiting and shows you all the information that the browser is sending to the website. You even have the option to change the data that is being sent.

Backup Types and Backup Rotation Strategy

On the basis of data coverage, backups are of 3 types, viz. full backup, differential backup and incremental backup. The following table gives a brief description of each backup type and also compares the backups in terms of backup speed, restoration speed and storage space required.

Cardinal Rule in IT Security – Remove admin rights for end users

In many organizations, end users are generally found to have administrative privileges over their desktops and laptops. But this could turn out to be one of the most potent IT security risks faced by the organization.

Phishing attacks still a real threat

We all know what phishing attacks are and nobody falls prey to such attacks anymore. Right? Wrong.

 


It doesn’t matter where the weakest link is as long as it exists.

Day in and day out we read and hear news about lost and stolen data, virus attacks crippling organizations, unauthorized software that may contain malware, and so on. While it is impossible to eliminate IT risks altogether, certain steps can help in placing less reliance on persons and processes and more on technology. At the end of the day it is better to push security to end users than to expect compliance.