Web Security Vulnerabilities


What does web security vulnerability mean?

Computer vulnerability is a cyber security term that refers to any defect or weakness in a computer system or network that can leave it open to attack by hackers or cyber criminals. These web vulnerabilities can arise for many reasons. Even accidentally clicking OK on a pop-up that shows up while you are working may lead to an undesirable event that compromises the security of your computer system, protocols, software, applications, etc.


Common web vulnerabilities

Software is connected to outsiders on other networks all the way down to the operating system. Whenever a user opens a program or application without certain restrictions, the user potentially invites attackers to rewrite the code that keeps the information secured.

The common web vulnerabilities include:

- Bugs
- Buffer overflow
- Missing data encryption
- Weak passwords
- Use of broken algorithms
- Cross-site scripting and forgery
- Path traversal
- Missing authentication for critical function
- URL redirection to untrusted sites
- OS command injection


These are just a few from the wide range of vulnerabilities through which data is stolen and corrupted. And this already big number climbs every year.


What causes web vulnerabilities?

- Connectivity: When networks or systems are connected to each other, they are very prone to vulnerabilities.
- Defective OS: An operating system that is unsecured by default gives access to viruses and malware.
- Complexity of system: Sometimes systems retain misconfigurations and flaws, which are again a threat to the system.
- Familiarity: When cyber criminals are familiar with the hardware, software, code, etc., they may attack the computer system easily.
- Weak passwords: Weak, repeated or reused passwords give a hacker a way into everything protected by the same password.
- Software bugs: When programmers leave bugs in the system or in any application, it may lead to exploitation of the system or software.

In addition, when programmers do not understand the system or software thoroughly, or do not consider all aspects while programming, designing or working on it, this gives web security vulnerabilities a reason to exist. There are also many more reasons that add to the list stated above.


Web security vulnerabilities management

The four-step process of identification, evaluation, treatment and reporting of the exploitable vulnerabilities present in systems and software sums up cyber security vulnerability management. Along with this efficient management, the firm needs various other tactics to counter such cyber threats. Every time new technologies, systems or software are added, new vulnerabilities are discovered. Thus, to protect our cyber mechanisms we need to carry on this process continuously.


Identification

The most vital task of vulnerability scanners is to scan for cyber defects or vulnerabilities in the systems, desktops and servers connected to various networks. This helps firms keep their system vulnerability data secured, no matter which network a desktop is connected to.

Evaluation of vulnerabilities

Once the vulnerabilities have been identified, the next step is to categorize them. Vulnerability management assigns a score or rating to every identified threat through the Common Vulnerability Scoring System (CVSS), which gives the firm a hint about which threat it should work on first.


Treating vulnerabilities

Treatment of vulnerabilities is the crucial later step that follows identification and evaluation of the computer vulnerabilities.


The different means of treating the cyber vulnerabilities are:

- Remediation: Completely fixing the problem or patching a vulnerability so that it won't turn up again. It is the most vital way for firms.
- Mitigation: Minimizing the impact of certain vulnerabilities rather than fixing them completely. Firms use this when they do not have a proper fix available or do not have adequate time for one.
- Acceptance: Accepting the risk instead of treating it, because treatment costs more than the risk of the vulnerability.


Reporting Vulnerabilities

Performing regular and continuous vulnerability assessments enables organizations to understand the speed and effectiveness of their vulnerability management program over time. Vulnerability management solutions generally have different options for exporting and visualizing vulnerability scan data with a variety of customizable reports and dashboards.

Not only does this help IT teams easily understand which remediation techniques will help them fix the most vulnerabilities with the least amount of effort, or help security teams monitor vulnerability trends over time in different parts of their network, but it also helps support organizations' compliance and regulatory requirements.

Conclusion

Technology is the primary need of the day. It provides you with any number of opportunities and accomplishments which can help nations in the truest sense. National security is in peril when data is loosely protected. Cyber criminals are always keeping an eye on such important data, which might destroy the world's biggest companies like Apple, Microsoft, Twitter etc. in one go by extracting information from their workers through a "watering hole attack", which directs them to websites used by the hackers for attacking, just like "MORPHO" did.

There are several others like "BUREAU 121", which ended up attacking Sony Pictures and took more than 100 terabytes of data. Consequently, they are now aware of the forthcoming actors and workers who will work for the coming 4-5 years or perhaps longer. Cyber security vulnerabilities act as the wellspring of these high-profile cybercrimes. Therefore, cyber security isn't only essential but a necessity of the hour to maintain world peace.
