Author Archives Zbigniew Banach

XXE injection attacks exploit support for XML external entities and are used against web applications that process XML inputs. Attackers can supply XML files with specially crafted DOCTYPE definitions to perform attacks including denial of service, server-side request forgery (SSRF), or even remote code execution. Let’s see how XXE injection attacks work, why they are possible, and what you can do to prevent them. Read More

The coronavirus outbreak has sent the world into chaos, and cybercriminals were quick to exploit this opportunity. Malware, scams, and phishing attacks related to the COVID-19 crisis are all on the rise, as are cyberattacks on healthcare providers. Here is our view of the current cybersecurity situation and our advice on staying secure during this exceptional time. Read More

Content Security Policy (CSP) is a computer security standard that provides an added layer of protection against Cross-Site Scripting (XSS), clickjacking, and other client-side attacks that rely on executing malicious content in the context of a trusted web page. This article shows how to use CSP headers to protect websites against XSS attacks and other attempts to bypass same-origin policy. Read More

LDAP injection attacks exploit input validation vulnerabilities to inject and execute queries to Lightweight Directory Access Protocol servers. LDAP services are crucial for the daily operation of many organizations, and a successful LDAP injection attack can provide valuable information for further attacks on databases and internal applications. This article looks at how LDAP injection works and shows how it can be prevented to improve web application security. Read More

Everyone is concerned about information security, data breaches, malware, and cyberattacks, but how do you actually measure an organization’s cybersecurity? How can you quantify the current state of cybersecurity and track improvements? Every cybersecurity program needs carefully defined cybersecurity metrics – performance indicators that provide meaningful and comparable values. This article shows how to define useful cybersecurity metrics, examines the benefits they can bring, and suggests a starter set of metrics for web application security. Read More

At first glance, penetration testing and vulnerability scanning appear to be two different names for the same basic task: finding vulnerabilities. Under pressure to reduce costs, businesses may be tempted to replace penetration testers with ever-improving vulnerability scanning solutions. In reality, vulnerability scanning and penetration testing are two very different processes, and each is vital to ensure accurate vulnerability assessments and maintain a solid security posture. Let’s have a closer look at both approaches and see how they can be combined to maximize web application security. Read More

Blind SQL injection is a type of SQL injection attack where the attacker indirectly discovers information by analyzing server reactions to injected SQL queries, even though injection results are not visible. Blind SQL injection attacks are used against web applications that are vulnerable to SQL injection but don’t directly reveal information. While more time-consuming than regular SQL injection, blind SQL injection attacks can be automated to map out the database structure and extract sensitive information from the database server. Read More

It’s no secret that cybersecurity and the Internet of Things don’t go well together. Thousands of IoT devices are finding their ways into homes, businesses, and many other areas of our lives, but security is rarely high on device manufacturers’ list of priorities. With no industry standards for architecture or security, devices often use custom-built operating systems and proprietary communication protocols. Internet of Things security remains a veritable minefield, and problems with IoT cyberattacks and malware can only continue to grow along with the number of devices. So why is it so hard to secure IoT devices, and what can we do about it? Read More

The Heartbleed bug is a critical buffer over-read flaw in several versions of the OpenSSL library that can reveal unencrypted information from the system memory of a server or client running a vulnerable version of OpenSSL. Attacks can reveal highly sensitive data, such as login credentials, TLS private keys, and personal information. Let's take a closer look at one of the most serious and widespread security vulnerabilities in web history and see how just one buggy line of code could wreak havoc across the world. Read More

A cybersecurity framework is a comprehensive set of guidelines that help organizations define cybersecurity policies to assess their security posture and increase resilience in the face of cyberattacks. Cybersecurity frameworks formally define security controls, risk assessment methods, and appropriate safeguards to protect information systems and data from cyberthreats. This article looks at the reasons for using a cybersecurity framework and shows how you can find best-practice cybersecurity processes and actions to apply to web application security. Read More

This case study and video shows why SyCom, one of the largest systems integrators on the East Coast of the United States, has been reselling the Netsparker web application security scanner and using it in their web application security offerings for many years running. Read More

BEAST, or Browser Exploit Against SSL/TLS, was an attack that allowed a man-in-the-middle attacker to uncover information from an encrypted SSL/TLS 1.0 session by exploiting a known theoretical vulnerability. The threat prompted browser vendors and web server administrators to move to TLS v1.1 or higher and implement additional safeguards. Although no modern web browser remains vulnerable, the BEAST attack shows how a minor theoretical vulnerability can be combined with other weaknesses to craft a practical attack. This article looks at how the BEAST attack worked, why it was possible, and how it was eventually mitigated. Read More

System hardening is the practice of securing a computer system by reducing its attack surface. This includes removing unnecessary services and unused software, closing open network ports, changing default settings, and so on. For web applications, the attack surface is also affected by the configuration of all underlying operating systems, databases, network devices, application servers, and web servers. This article examines approaches to system hardening and shows what security measures you can apply to keep your web applications safe. Read More

In September 2019, a new CWE/SANS Top 25 Most Dangerous Software Errors list was published for the first time since 2011. Unlike previous lists, it was calculated by analyzing reported vulnerabilities to determine underlying weaknesses, so it is especially valuable for developers and software security professionals. This article looks at the top-rated software weaknesses and shows how they apply in practice to web application security. Read More

2019 has been a very special year for Netsparker, as we celebrated our 10th anniversary. For the past 10 years, our revolutionary web vulnerability scanner has been helping organizations of all sizes worldwide to eliminate vulnerabilities, reduce costs, and embrace automation. We’ve also been busy with industry events, security research, whitepapers, and blog articles – so please join us for a look back at this year’s highlights and most popular content. Read More

DNS cache poisoning attacks try to fool applications into connecting to a malicious IP address by flooding a DNS resolver cache with fake addresses corresponding to requested domain names. If the attacker succeeds in filling the DNS cache with false data, the resolver might return a spoofed address instead of querying for the real one. As a result, the user might connect to a malicious site at the address returned from the cache. Let’s see why DNS spoofing is possible and how you can mitigate the threat. Read More

A reverse shell is a shell session established on a connection that is initiated from a remote machine, not from the attacker’s host. Attackers who successfully exploit a remote command execution vulnerability can use a reverse shell to obtain an interactive shell session on the target machine and continue their attack. Reverse shells can also work across a NAT or firewall. This article explains how reverse shells work in practice and what you can do to prevent them. Read More

2019 has seen cybersecurity issues firmly take their place in the news, both for the technology industry and the general public. While organizations are increasingly aware of the importance of cybersecurity, most are struggling to define and implement the required security measures. In this article, we take a look at 10 cybersecurity trends that are likely to shape the cybersecurity landscape in 2020, from data breaches and IT security staff shortages to security automation and integration. Read More

Red team versus blue team exercises simulate real-life cyberattacks against organizations to locate weaknesses and improve information security. In this wargaming approach, the red team are the attackers and they attempt to infiltrate an organization’s digital and physical defenses using any attack techniques available to real attackers. The blue team’s job is to detect penetration attempts and prevent exploitation. Red team vs blue team exercises can last several weeks and provide a realistic assessment of an organization’s security posture. Read More

Static code analysis tools are used to automatically check source code for errors and security vulnerabilities, as well as ensure compliance with coding standards. While effective for some classes of vulnerabilities, they have a number of disadvantages and limitations, especially for web applications. Dynamic analysis solutions address many of these problems and can complement or replace static tools. This article looks at some of the shortcomings of static analysis and shows how deploying dynamic analysis tools can help you improve web application security. Read More