Category Archives Knowledge Base

Blackfriday-Thanksgiving-security-for-website-apps-astra-security (2)

Thanksgiving sales have become a big hit online. Customers get to see multiple brands and browse amazing offers just by clicking a few buttons. Most importantly, no more standing in queues and hopping between stores. For businesses too, these online Thanksgiving sales have opened a new set of opportunities. For website/app owners, with this ease of running sales online comes a…

In an age when we are constantly developing innovative solutions to brace against sophisticated cyber attacks, we often underestimate the havoc that can be unleashed by benign-looking, more elementary attack forms. They may not make big headlines like the high-profile cyber attacks, but they can be just as disastrous. Local File Execution (LFI) and Remote File Execution (RFI) are similar…

15 Signs Your Website Has Been Hacked

Most customers discover that their website is hacked on seeing the 'Red Screen of Death' by Google or when a customer tells them. This can be dangerous because it means your website has been infected for a long time and may have damaged your website's reputation and privacy. Websites have become central to all businesses these days. They handle everything from e-Commerce…

Server Error Message Disclosure

A well-thought-out server error handling plan during application development is vital to preventing information leakage, because an error message can reveal useful information about an application’s inner workings. Besides keeping information from the attacker, a planned error handling strategy is easier to maintain and saves the application from encountering any…

Business logic, or application logic, is the core logic of your website. Business logic defines how data can be created, stored and modified. It comprises the features that are specific to your business and are usually developed for you. For example, e-commerce websites allow visitors to add products to a shopping cart and specify the quantity, delivery address, and payment information. The business logic…

CSRF - All You Need to Know - Astra Security

Cross-Site Request Forgery (CSRF) is one of the most rampantly occurring online attacks. Also notoriously known as XSRF or “Sea-Surf”, it is listed as the 8th most common web application vulnerability in the OWASP Top 10 report of 2017 cyber-attacks. Understanding CSRF: Execution of a CSRF attack involves a malicious website sending a request to a web application via another formerly authenticated…

A variety of web applications employ database systems to provide backend functionality. A language widely used to query, operate, and administer database systems is Structured Query Language (SQL). Owing to its rampant use in web applications globally, SQL-powered databases are easy and frequent targets for cyber-criminal acts, the severity of which depends solely on the intricacies of…

Clickjacking - All You Need to Know

Often stated as one of the most overlooked of all web vulnerabilities, clickjacking, aka UI redress attack, refers to a type of attack that tricks users into unwarily clicking on nefarious links set up by the attacker. On clicking these links, the attacker is able to gather confidential information, compromise the user’s privacy, or make a user perform actions online…

Cross Site Scripting XSS - Astra Security

Cross-Site Scripting (XSS) attacks are stated to be one of the most rampant yet easily fixable injection attacks faced by e-commerce businesses and a variety of other web applications. From targeting applications built on archaic web technologies to newer ones using rich, client-side UIs, XSS has plagued them all. However, it is imperative to realize that vulnerabilities posing as a…
