Last week, we have finished for server virtualization training at Myanmar Computer Professionals Association Lab BATCH-11 CREDITS Trainer Mr. Nyan Lin Htet Trainee Mr. Kaung Myat Cial Mr. Kaung Htet Thar Mr. Nyi Nyi Lwin Mr. Aung Kyaw Oo Mr. Htet Ko Aung Mr. Zin Wai Phyo Mr. Zaw Min Htut
Point-of-Sale A Point-of-Sale attack is malware designed to steal sensitive information from POS systems. Stolen information from credit cards is considered as the goal of a major POS attack. POS systems are the popular target for the criminals because of their role to process financial transactions. Small businesses without having an advanced information security resources to secure their retail environments are at increased attack. A company was attacked with POS malware in 2013, which is considered as one of the major attacks in the recent years.
SQL injection is technique that exploits a security vulnerability occurring in the application and/or database layer of an application. The vulnerability is present when user input (typically via HTML forms0 is either not validated or incorrectly filtered for string literal escape characters embedded in SQL (structured query language) statements. It is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another. Source: FEMA (TEEX)
Session Hijacking Session Hijacking refers to the exploitation of a valid computer session via theft of a cookie or session key, used to gain unauthorized access to information or services. When an attacker is able to steal the cookie containing session access data, (s)he can make requests as if (s)he were the actual user. If a persistent cookie is stolen, then the impersonation can continue for a prolonged period of time. Source: FEMA (TEEX)