Tag: CSRF

Ultimate Guide to CSRF

The Ultimate Guide to Understanding & Preventing CSRF

We hear about SQL injection and Cross-Site Scripting constantly – but there are eight other high-risk vulnerabilities we need to be aware of, just in the OWASP Top Ten. One of those eight is yet another one to keep your eyes out for: Cross-Site Request Forgery, normally shortened as CSRF or XSRF.     CSRF

Read More ›

15 AppSec Tips From the Top Ethical Hackers of 2014

2014 will go down as the year of the mega-attacks. It all started off during last years holiday season with the Target hackings that affected over 100 million customers. Soon the Heartbleed and Shellshock vulnerabilities were exposed, causing havoc all across the planet. The hackings kept on coming in the latter stages of the year

Read More ›

Recent PayPal Bug Highlights CSRF Vulnerability Risks

PayPal has revolutionized the e-commerce market in recent years with its convenient characteristics that bolster user privacy. Gone are the days when online shopping required cumbersome bank transfers or complex credit card verifications. Unfortunately there is still work to be done on the security front after Egyptian researcher Yasser Ali shocked the world with his PayPal bug

Read More ›

7 Essential Resource Centers to Boost Your InfoSec IQ

Many applications today possess critical vulnerabilities – SQL injections (SQLi), Cross Site Scripting (XSS) and Cross Site Request Forgery (CSRF) being just a few of them. The first step in combating these security issues is getting to know how they work and learning about them from real life scenarios. Unfortunately, not all developers today are familiar with the

Read More ›

Samsung’s ‘Find My Mobile’ CSRF Flaw: A Wake Up Call for Mobile Developers

Samsung is currently topping sales charts worldwide with a wide range of Android powered phones catering to virtually all market segments. This mass distribution of mobile devices has magnified the importance of creating secure mobile applications. Unfortunately, a CSRF loophole has been found in one of the the South Korean phone manufacturer’s proprietary applications.

Read More ›

Jump to Category