Category Archives Knowledge Base

20 Must- Know Hack Terminologies To Safeguard Your Online Business from Hackers

In today's times, an online presence makes one vulnerable to unprecedented cyber attacks and a variety of malicious attacks on both small and large scales. On a daily basis, we encounter countless incidents of data breaches, information disclosure, financial theft and failing businesses. One doesn't need to be technical minded to understand basic hacking terminologies which may one day render…

Blackfriday-Thanksgiving-security-for-website-apps-astra-security (2)

Thanksgiving sales have become a big hit online. Customers get to see multiple brands and browse amazing offers just by clicking a few buttons. Most importantly, no more standing in queues and hopping stores. For businesses too, this entire online thanksgiving sales have opened new set of opportunities. For website/app owners with this ease of running sales online comes a…

In an age when we are constantly developing innovative solutions to brace against sophisticated cyber attacks, we often underestimate the havoc that can be unleashed by the benign-looking, more elementary attack forms. They may not make big headlines as the high-profile cyber attacks, but they can be disastrous as well. Local File Execution (LFI) and Remote File Execution (RFI) are similar…

Server Error Message Disclosure

A well-thought-out server error handling plan during application development is of vital importance in order to prevent information leakage. That's because an error message is capable of forsaking insightful information about an application’s inner workings. Apart from giving up any information to the attacker, a planned error handling strategy is easier to maintain and saves the application from encountering any…

Business logic or application login is the core logic of your website. Business logic defines how data can be created, stored and modified. It is the features that are specific to your business and usually developed for you. For example, e-commerce websites allow visitors to add products to a shopping cart, specify the quantity, delivery address, and payment information. The business logic…

CSRF-All You Need to Know -Astra Security

Cross-Site Request Forgery (CSRF) is one of the most rampantly occurring online attack. Also notoriously known as XSRF or “Sea-Surf”, it is listed as the 8th most common web application vulnerability in the OWASP Top 10 report of 2017 cyber-attacks. Understanding CSRF Execution of a CSRF attack involves a malicious website sending a request to a web application via another formerly authenticated…

A variety of web applications employs database systems for the provision of backend functionality. A widely used language used to query, operate, and administer database systems is Structured Query Language (SQL). Owing to its rampant use in web applications globally, SQL-powered databases are easy and frequent targets for cyber-criminal acts, the severity of which depends solely on the intricacies of…

Clickjacking - All You Need to Know

Often stated as one of the most overlooked of all web vulnerabilities, clickjacking aka UI redress attack refers to a type of attack that tricks users into unwarily clicking on nefarious links set up by the attacker. On clicking these links, the attacker is able to gather confidential information, compromise the user’s privacy, or make a user perform actions online…

Cross Site Scripting XSS - Astra Security

Cross-Site Scripting (XSS) attacks are stated as one of the most rampant occurring yet easily fixable injection attack faced by e-commerce businesses and a variety of other web applications. From targeting applications built on archaic web technologies to newer ones using rich, client-side UIs, XSS has plagued them all. However, it is imperative to realize that vulnerabilities posing as a…

12
Close