The Most Common Attacks

Some common ways that websites get infected

From CSCI571 PPT "WebIntrusionEVENSHORTERVersion"

  • Cross-site scripting attacks (XSS)
  • SQL injection attacks
  • Search Engine result Redirection
  • Attacks on backend virtual hosting companies
  • Vulnerabilities in web-server or forum-hosting software
  • Using social networking sites to infect users

From Lynda.com

Most common 3:

  • Cross-site scripting (XSS)
  • Cross-site request forgery (CSRF)
  • SQL Injection

Others:

Cookie visibility & theft

how bad:

  • can be stolen using XSS attack
  • can be sniffed by observing network traffic

solutions:

  • Only put non-sensitive data in cookies
  • use HttpOnly cookies
  • use Secure cookies(HTTPS only)

results matching ""

    No results matching ""