Jump to content

Search the Community

Showing results for tags 'web attacks'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Job Boards
    • Jobs
  • Community Lounge and FAQ
    • Forum News
    • Open Forum
    • New Members Forum - Start Here!
  • Entrepreneurship, Business and Marketing
    • Social Media Marketing & Web Marketing
    • Entrepreneurship
    • Career Questions - Asked and Answered
  • StudioWeb
    • StudioWeb
    • StudioWeb News
    • StudioWeb Projects
  • Programming
    • Python
    • Javascript
    • PHP
  • Web Design
    • Beginners Web Design
    • HTML/XHTML
    • Dreamweaver
    • CSS
    • Advanced Web Design
    • Business of Web Design
    • Web Design News
  • Miscellaneous
    • Cybersecurity
    • Miscellaneous Software
    • Blogs and CMS
    • Web Accessibility
    • Peer-to-Peer Reviews
    • Website Templates
    • Web Design Jobs
    • Test Forum
  • Archives
    • Beginners Web Design
    • Course: The Complete Entrepreneur
    • Web Accessibility
    • Photoshop
    • CSS
    • Forum Rules and Etiquette
    • Flash
    • ASP
    • General Programming
    • Expression Web
    • Beginners Ruby
    • Killersites University
    • Actionscript

Calendars

  • Community Calendar

Categories

There are no results to display.

There are no results to display.

Product Groups

  • Business & Entrepreneur Courses

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website


LinkedIn


Facebook


Twitter


AIM


Yahoo


Other


Location


Interests

Found 1 result

  1. Web Developers, much of my posting to date has covered protecting yourself. Lets talk about protecting your customer and their users. I cannot state this any stronger, Strong Passwords! If it takes little effort to break a password than the site you built can be hi-jacked to pass out malware. Database design, consider making it a tiered design. Sensitive data in a red zone, encrypted and password protected with strict access permissions. Less sensitive data in a Yellow zone that has lesser protection and more access and simple stuff in a green zone with just password protection and general permissions. If you use look-up tables that state that "2 = married with children", that is a look-up table and needs liuttle protection. But all sensitive data should be encrypted so that if adversaries do get to it... they can't read it. Be aware of SQL Injection attacks. If you allow data to be added to a website, make sure it is checked. If you allow basic comments with no security, an adversary could insert JavaScript into that comment that does really bad things. Malware Detection - Discovering Cross-Site Scripting Attacks Watering Hole Attacks. I think LastLine blog defined it rather well: "In a network watering hole attack, cybercriminals set traps in websites that their target victims are known to frequent. Often the booby-trapped websites are smaller, niche sites that tend to have limited security. These sites can include business partner sites or small websites that provide specific products, services, or information to the target company or industry. When visited, the compromised website infects the target end-users computer or device with keyloggers, ransomware, and other types of malware." The issue here is really about protecting web sites you build from being the water holes that infects your customers users. Network Security and Watering Hole Attacks As I come across tips for securing your web sites, I will expand this thread.
×
×
  • Create New...