Connect with us

Featured

Cyber threats: Don’t panic!

Published

on

Building and running your own website can be a daunting task, especially with the cyber crime that you are exposed to. But, says MYRON SALANT of Webafrica, there is no need to panic as there are various services to keep you safe.

The cyber-world can be a dark and daunting place, especially if you are building and running your own websites or have an online business. Cyber-crime in the form of hacking could result in your website being blacklisted by Google, equating to a drop in search rankings, a damaged reputation, and a loss of revenue as you try to get your site back up.

“But there is no need to panic,” says Myron Salant, web services product manager at Webafrica. “Many website owners only think about security after their site gets hacked, but knowledge is power: if you know what the threats are you can arm yourself appropriately and get one step ahead of the hackers.”

Myron has identified the top 10 threats to your website that you should be aware of:

Injection

Injection happens when hostile data is sent to an interpreter as part of a query or command. This data tricks the interpreter, resulting in unintended commands and corrupt data. It’s a common problem in web applications, particularly with SQL injection.

Cross-site scripting

When an application sends user-supplied data to a web browser without first validating or encoding it, cross-site scripting (XSS) can occur. This lets hackers execute scripts in the victim’s browser that hijack user sessions or vandalize websites.

Insecure direct object references

Web applications don’t always verify that the user is authorized for the target object. Without an access control check or similar protection, supposedly secure data can be accessed and stolen by attackers.

Cross-site request forgery

CSRF tricks a victim into submitting fake HTTP requests via cross-site scripting or image tags. It’s an issue for web applications that inadvertently allows hackers to predict the details of a transaction – for example, automatically-generated session cookies. Attackers create hostile web pages which generate forged requests indistinguishable from real ones.

Insecure cryptographic storage

It’s hard to believe but many web applications still do not properly protect sensitive data such as credit card numbers and personal details. Attackers can easily access poorly encrypted data and use it to commit credit card fraud, identity theft and other data-related crimes.

Failure to restrict URL access

An application may protect sensitive functionality only by not displaying relevant URLs to unauthorized users. By accessing those ULRs directly, attackers can exploit this weakness to perform unauthorized operations.

Invalidated re-directs & forwards

Web applications may re-direct and forward visitors to other pages and websites without proper validation. Attackers can then re-direct victims to phishing or malware sites or use forwards to access unauthorized pages.

Broken authentication & session management

Account credentials and session tokens are sometimes not properly protected. Attackers simply use stolen passwords, keys and authentication tokens to steal other users’ identities and commit crimes.

Security misconfiguration

Attackers exploit security configuration weaknesses at any level whether it’s the platform, web server, application server, framework or custom code. These flaws give attackers unauthorized access to default accounts, unused pages, un-patched flaws, unprotected files and system data.

Insufficient transport layer protection

When applications fail to authenticate, encrypt and protect sensitive network traffic, they may support weak algorithms, use expired or invalid certificates, or execute commands incorrectly.

“The above threats can simply be avoided by implementing an online security system, such as SiteLock, for example,” says Myron. “If you are unsure about the right security solution for your website, speak to your web developer – as the cliché goes, prevention is better than cure!”

Featured

Smash hits the
Nintendo Switch

Super Smash Bros. delivers what the fans wanted in the latest “Ultimate” instalment, writes BRYAN TURNER.

Published

on

Super Smash Bros. Ultimate, the latest addition to the popular Nintendo Smash series, has landed on the Nintendo Switch with a bang, selling 5-million copies in the first week of its release. The game has been long-anticipated since the console’s release, as many fans consider iy to be a Nintendo staple. And the wait was well worth it.

It features 74 playable fighters, 108 stages, almost 1300 Spirit characters to collect while playing, and a single-player Adventure mode that took about three days (or 28 hours) of gameplay to complete. The game offers far more gameplay than its predecessors, making it the Smash game that gives its players the best bang for their buck.

For those new to the game, the goal is to fight opponents and build up their damage score (draining their health) to knock them off the stage eventually. This makes the game seem chaotic, as many players jump around the platforms as if they were on quicksand, in order to avoid being hit by the other players.

It also services two kinds of players: the competitive and the casual.

Competitive players can be matched on the online service by skill ranking to enjoy playing with similarly high-skilled opponents. This is especially important in e-sports training for the game, and for players wanting to master combos against other human players. The casual gamer is also catered for, with eight-player chaos and button-mashing to see who comes out luckiest. This segment is also important for those wanting to learn how to play.

Training mode is also a place to go for those learning to play. It offers “CPU” players that are graded by intensity to train as a single player to learn a character’s moves, combos and general fighting style. More challenging CPU players can also be used by competitive players to train when there isn’t a Wi-Fi connection available.

Direct Play features in this game, allowing two players with two Switch consoles to play against each other over a direct connection – no Wi-Fi needed. This is especially useful to those who want to have a social gaming element on the go, similar to that of the cable connector of the Gameboy.

Click here to read Bryan Turner review of Super Smash Bros. Ultimate.

Previous Page1 of 3

Continue Reading

Competitions

Win Funko Fortnite in Vinyl

Gadget and Gammatek have nine Funko Fortnite figurines to give away.

Published

on

A Funko Pop figurine based on a character set is indicative of reaching the heights of pop culture. It is no surprise, then, that the world’s biggest online game, Fortnite, has its own line of Funko Pop figurines. The Funkos are modeled on the characters in game, including Drift, Ragnarok, Dark Vanguard, Volar, Tracera Ops, and Sparkle Specialist.

Now, local Funko distributor Gammatek has released the Fortnite figurines in South Africa. To celebrate, Gadget and Gammatek are giving away a set of three Funko Fortnite figurines to each of three readers (9 figurines in total). To enter, first click on your favourite Funko Pop on the next page and post the Tweet that appears. Then, follow Gadget on Twitter.

You can put the tweet in your own words, but entries must have the competition’s hashtag (#FunkoFortnite) and mention @GadgetZA to be considered valid.

Click here to select the Funko Fortnite character you want to tweet.

Previous Page1 of 2

Continue Reading

Trending

Copyright © 2018 World Wide Worx