Application Security This Week for February 23

by Bill Sempf 23. February 2020 11:04

PortSwigger (the company that makes Burp Suite) is out with their Top 10 web application hacking techniques.

https://portswigger.net/research/top-10-web-hacking-techniques-of-2019

 

Solid evidence that APIs are becoming the main target for credential stuffing attacks.

https://www.csoonline.com/article/3527858/apis-are-becoming-a-major-target-for-credential-stuffing-attacks.html

 

Another decent writeup for template injection. Attacks like this are becoming SO much more common in SPAs.

http://ghostlulz.com/angularjs-client-side-template-injection-xss/

 

That's the news, people. Stay safe out there.


Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.
