1) Injections
Injections are among the oldest and most dangerous attacks against any web application. In
this attack, the attacker simply sends malicious data in order to make the application
process it and do something it is not supposed to do. Injection flaws are very
prevalent, particularly in legacy code. The core reason is that user-supplied data is
not validated, filtered or sanitized by the application. Injection flaws, such as SQL,
NoSQL, OS, and LDAP injection, occur when untrusted data is sent to an interpreter
as part of a command or query. (SQL databases are relational, NoSQL are
non-relational. SQL databases use structured query language and have a predefined
schema. NoSQL databases have dynamic schemas for unstructured data. ... SQL
databases are table based, while NoSQL databases are document, key-value, graph or
wide-column stores.)
Some other potential reasons include:
Hostile data being used or concatenated directly, such that the SQL or command
contains both structure and hostile data in dynamic queries, commands, or stored
procedures.
How to prevent injection flaws: The only sure way to prevent injection attacks
is input validation and parametrized queries, including prepared statements. The
application code should never use the input directly.
https://deepsource.io/blog/owasp-top-ten-injection/
2) Broken authentication
Broken authentication refers to the vulnerabilities or weaknesses inherent in an online
platform or application that allow hackers to bypass the login security and gain
access to all the privileges owned by the hacked user. Authentication ensures that
only a verified user can access the information and privileges on the web application.
It gets ‘broken’ when an attacker bypasses the process and impersonates the user on
the application.
https://relevant.software/blog/web-application-security-vulnerabilities/
https://www.jigsawacademy.com/blogs/cyber-security/broken-authentication/
3) Sensitive Data Exposure
Sensitive data is any information that’s meant to be protected against unauthorized
access. Data exposure happens when data is left unencrypted in a database or server
accessible to anyone. Sensitive data are often exposed when configuration details for
systems and applications are left unsecured online. Sensitive data can include
anything from personally identifiable information (PII), like social insurance
numbers, to banking information, to login credentials. When this data is accessed by
an attacker as a result of a data breach, users are at risk of sensitive data
exposure.
https://hdivsecurity.com/owasp-sensitive-data-exposure
https://hdivsecurity.com/owasp-broken-access-control
6) Security Misconfiguration
Security Misconfiguration is simply defined as failing to implement all the security
controls for a server or web application, or implementing the security controls, but
doing so with errors. Security misconfigurations arise when security settings are not
defined or implemented and default values are maintained. Usually, this means the
configuration settings do not comply with the industry security standards (CIS
benchmarks, OWASP Top 10, etc.) which are critical to maintaining security and
reducing business risk. Misconfiguration normally happens when a system or database
administrator or developer does not properly configure the security framework of an
application, website, desktop, or server, leading to dangerous open pathways for
hackers.
Reflected XSS, where the malicious script comes from the current HTTP request.
Stored XSS, where the malicious script comes from the website's database.
DOM-based XSS, where the vulnerability exists in client-side code rather than
server-side code.
https://portswigger.net/web-security/cross-site-scripting
8) Insecure Deserialization
Insecure Deserialization is a vulnerability which occurs when untrusted data is used to
abuse the logic of an application, inflict a denial of service (DoS) attack, or even
execute arbitrary code upon it being deserialized. Insecure deserialization often leads
to remote code execution. Even if deserialization flaws do not result in remote code
execution, they can be used to perform attacks, including replay attacks, injection
attacks, and privilege escalation attacks.
Prevention
Manual updates
One option is not to use components that you didn't write. But that's not very realistic.
Most component projects do not create vulnerability patches for old versions. Instead,
most simply fix the problem in the next version. So upgrading to these new versions is
critical.
Use Hdiv
Hdiv vulnerable software detection tools promote a more pragmatic approach,
analysing software dependencies both at build time and at runtime, to easily detect
vulnerable bits of software that should be replaced with newer versions. The tools are
designed to cover the whole application lifecycle.
Secure Coding
Secure coding is the practice of writing software that's protected from vulnerabilities.
And secure coding is more important today than ever before.
In computer security, a vulnerability is a weakness which can be exploited by a threat
actor, such as an attacker, to cross privilege boundaries (i.e. perform unauthorized
actions) within a computer system. To exploit a vulnerability, an attacker must have at
least one applicable tool or technique that can connect to a system weakness. In this
frame, vulnerabilities are also known as the attack surface.
2. Model threats. Use threat modeling to anticipate the threats to which the software
will be subjected. Threat modeling involves identifying key assets, decomposing the
application, identifying and categorizing the threats to each asset or component, rating
the threats based on a risk ranking, and then developing threat mitigation strategies
that are implemented in designs, code, and test cases [Swiderski 04].
https://www.perforce.com/blog/sca/what-secure-coding
https://en.wikipedia.org/wiki/Vulnerability_(computing)