How's it going! I wanted to share OWASP's Top 10 Cyber Security Threats 2013 with you and shed some light on how information and data security vulnerabilities and threats become real life legitimate impact to your business. OWASP does a great job to break what application security risk are and the logical pathway to security systems, so when you get a chance take a look at OWASP. The top 10 cyber security threats gives you more insight into how attacks occurs to a corporation's network or to a small or medium employers systems. The information below is an overview of the threat, and the first step in understanding security is to understand how an attack occurs. There is no possible way to prevent the likelihood and impact of vulnerabilities if you do not understand where the attack is coming from. "Victorious warriors win first and then go to war, while defeated warriors go to war first and then seek to win" - Sun Tzu.
Injection
Injection flaws, such as SQL, OS, and LDAP injection occur
when untrusted data is sent to an interpreter as part of a command or query.
The attacker’s hostile data can trick the interpreter into executing unintended
commands or accessing data without proper authorization.
Broken Authentication and Session Management
Application functions related to authentication and session
management are often not implemented correctly, allowing attackers to
compromise passwords, keys, or session tokens, or to exploit other
implementation flaws to assume other users’ identities.
Cross-Site Scripting
XSS flaws occur whenever an application takes untrusted data
and sends it to a web browser without proper validation or escaping. XSS allows
attackers to execute scripts in the victim’s browser which can hijack user
sessions, deface web sites, or redirect the user to malicious sites.
Insecure Director Object References
A direct object reference occurs when a developer exposes a
reference to an internal implementation object, such as a file, directory, or
database key. Without an access control check or other protection, attackers
can manipulate these references to access unauthorized data.
Security Misconfiguration
Good security requires having a secure configuration defined
and deployed for the application, frameworks, application server, web server,
database server, and platform. Secure settings should be defined, implemented,
and maintained, as defaults are often insecure. Additionally, software should
be kept up to date.
Sensitive Data Exposure
Many web applications do not properly protect sensitive
data, such as credit cards, tax IDs, and authentication credentials. Attackers
may steal or modify such weakly protected data to conduct credit card fraud,
identity theft, or other crimes. Sensitive data deserves extra protection such
as encryption at rest or in transit, as well as special precautions when
exchanged with the browser.
Missing Function Level Access Control
Most web applications verify function level access rights
before making that functionality visible in the UI. However, applications need
to perform the same access control checks on the server when each function is
accessed. If requests are not verified, attackers will be able to forge
requests in order to access functionality without proper authorization.
Cross-Site Request Forgery (CSRF)\
A CSRF attack forces a logged-on victim’s browser to send a
forged HTTP request, including the victim’s session cookie and any other
automatically included authentication information, to a vulnerable web
application. This allows the attacker to force the victim’s browser to generate
requests the vulnerable application thinks are legitimate requests from the
victim.
Using Components with Known Vulnerabilities
Components, such as libraries, frameworks, and other
software modules, almost always run with full privileges. If a vulnerable
component is exploited, such an attack can facilitate serious data loss or
server takeover. Applications using components with known vulnerabilities may
undermine application defenses and enable a range of possible attacks and
impacts.
Unvalidated Redirects and Forwards
Web applications frequently redirect and forward users to
other pages and websites, and use untrusted data to determine the destination
pages. Without proper validation, attackers can redirect victims to phishing or
malware sites, or use forwards to access unauthorized pages.
Comments
Post a Comment