Friday, January 3, 2020

Security Series: CSRF - Cross-Site Request Forgery


Monitor Code Photo by Pankaj Patel on Unsplash

I previously described a SQL injection attack, and an XSS attack which is two of the main vulnerabilities on the web but another vulnerability that is often missed is the Cross-Site Request Forgery attack (CSRF). 

Thursday, January 2, 2020

Security Series: XSS - Cross-site Scripting

Monitor Code Photo by Ilya Pavlov on Unsplash

I probably learned more about CSS by fiddling with my MySpace account in 2003 than I did during my web design class in high school (a course where we only learned FrontPage and the magically generated nested-table code). 

Wednesday, January 1, 2020

Security Series: SQL Injections

 
Earth Photo by NASA on Unsplash


    Although most of the hacks and data leaks you hear about now are due to misconfigurations of cloud services or weak credentials, a few of the 'classic' vulnerabilities are still out on the web.