June 23rd 2020
I’m a beginner software developer from Georgia with a big love for all things blockchain!
Cyber attacks have become an everyday occurrence. Poorly secured accounts are a natural target, and a successful attack usually ends in stolen assets. The more valuable the assets, the more attention attackers pay and the more security is needed. This is especially true for brokerages, whose traders move large sums through their accounts, and it has pushed many firms to review their cybersecurity standards and improve their systems as a whole. Breaches and exploited vulnerabilities are routine news: hardly a week goes by without headlines about a new data leak. A rule of thumb in the industry is that if your website has not been attacked yet, it is only a matter of time until it is. So every aspect of its security needs to be covered and properly taken care of.
1. Injections
Injections, with SQL injection as the best-known kind, are among the most common attacks. The attacker sends requests carrying crafted payloads through any input the application passes into a query: a form field, a URL parameter, a cookie or an HTTP header. If that input is concatenated into the query text, the attacker changes the meaning of the query the backend runs. Depending on the application, that can mean reading or modifying the database, or logging in as an admin without ever knowing the password. Attackers use this to steal confidential data or money, tamper with the data on the website itself, or even copy and then wipe the activity logs so that no trace of the access remains.
Other types of injection are XPath injection, command injection, LDAP injection and so on. In general, an injection is what happens when the application takes untrusted user input and passes it to an interpreter (a SQL engine, a shell, an LDAP server, an XML parser) as part of a command. This is a highly illegal activity in most countries, yet it remains prevalent, partly because many attackers operate from outside the jurisdiction of the country where the company is based.
These attacks are avoidable. The primary defence is to keep data separate from the query: use parameterized queries (prepared statements), or a proper Object-Relational Mapping (ORM) library such as Hibernate or Entity Framework, which parameterizes queries for you (as long as you do not bypass it with raw string-built queries). Validate all untrusted input against a white-list of what is expected, especially for values such as column names or sort orders that cannot be bound as parameters. And limit the database account's privileges to what the application actually needs, so that a successful exploit does as little damage as possible.
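The following is an added example, not code from the original post, showing the three defences above against a constructed in-memory SQLite database: a login query built by string formatting (exploitable), the same query with bound parameters, and a white-list check for a sort column, which cannot be parameterized. The table, user names and passwords are made up for the demonstration; passwords are stored in plaintext only to keep the query visible.

```python
import sqlite3

# Constructed sample database (not from the original post).
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT, role TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, password, role) VALUES (?, ?, ?)",
        [("admin", "correct horse", "admin"), ("alice", "hunter2", "user")],
    )
    return conn


def login_vulnerable(conn, username, password):
    # String formatting puts attacker-controlled text straight into the SQL,
    # so quotes and comment markers in the input rewrite the WHERE clause.
    sql = (
        f"SELECT username, role FROM users "
        f"WHERE username = '{username}' AND password = '{password}'"
    )
    return conn.execute(sql).fetchone()


def login_safe(conn, username, password):
    # Placeholders: the driver sends the values separately from the query text,
    # so nothing in the input can change the statement's structure.
    sql = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone()


# Identifiers (column names) cannot be bound as parameters, so they are
# validated against a white-list before being spliced into the query.
ALLOWED_SORT_COLUMNS = {"id", "username", "role"}


def sort_column_allowed(sort_by):
    return sort_by in ALLOWED_SORT_COLUMNS


def list_users_sorted(conn, sort_by):
    if not sort_column_allowed(sort_by):
        raise ValueError(f"refusing to sort by {sort_by!r}")
    rows = conn.execute(f"SELECT username FROM users ORDER BY {sort_by}").fetchall()
    return [row[0] for row in rows]


if __name__ == "__main__":
    conn = make_db()
    # Classic payloads: the comment marker drops the password check entirely,
    # and the OR clause makes the WHERE condition true for every row.
    print(login_vulnerable(conn, "admin'--", "anything"))      # ('admin', 'admin')
    print(login_vulnerable(conn, "admin", "x' OR '1'='1"))     # ('admin', 'admin')
    print(login_safe(conn, "admin'--", "anything"))            # None
    print(login_safe(conn, "admin", "x' OR '1'='1"))           # None
    print(list_users_sorted(conn, "username"))                 # ['admin', 'alice']
```

The least-privilege part of the advice is not something the application code can show: it is done on the database side by giving the application's account only the SELECT/INSERT/UPDATE rights it needs on the tables it uses, and no DROP, GRANT or file-system access.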
2. Authentication Exploits
Almost all applications require users to log in before using them, usually with a username and password combination. Attacks on this step include dictionary attacks and brute-forcing of passwords, credential stuffing with passwords leaked from other sites, and session hijacking, where the attacker steals a logged-in user's session token. Weak passwords, missing rate limits or lockouts, and predictable or exposed session identifiers are what make these attacks work. An attacker who succeeds logs in with another user's credentials and performs actions with that user's privileges, and administrators cannot tell the malicious activity apart from a normal person doing their usual operations.
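As an added example (not code from the original post), here is a small login service with salted PBKDF2 password hashes, a constant-time comparison and a per-account lockout after a fixed number of failures, together with a simulated dictionary attack run against it with and without the lockout. The usernames, the wordlist and the limits (5 failures, 15-minute lock) are assumptions chosen for the demonstration.

```python
import hashlib
import hmac
import os
import time

# Constructed wordlist for the demonstration; real dictionary attacks use millions of entries.
WORDLIST = ["123456", "password", "qwerty", "letmein",
            "dragon", "baseball", "hunter2", "football"]


class AuthService:
    """Password login with per-account lockout (example code, not from the post)."""

    MAX_FAILURES = 5          # failed attempts before the account locks
    LOCKOUT_SECONDS = 900     # how long the lock lasts

    def __init__(self, lockout_enabled=True, clock=time.monotonic):
        self._users = {}      # username -> (salt, PBKDF2 hash)
        self._failures = {}   # username -> (failure count, locked_until)
        self.lockout_enabled = lockout_enabled
        self._clock = clock   # injectable so tests can fake the passage of time

    @staticmethod
    def _hash(password, salt):
        # Slow, salted hash: a stolen database does not give up the passwords cheaply.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def register(self, username, password):
        salt = os.urandom(16)
        self._users[username] = (salt, self._hash(password, salt))

    def login(self, username, password):
        """Returns 'ok', 'denied' or 'locked'."""
        now = self._clock()
        count, locked_until = self._failures.get(username, (0, 0.0))
        if self.lockout_enabled and now < locked_until:
            return "locked"          # do not even check the password while locked

        record = self._users.get(username)
        if record is None:
            # Hash anyway so unknown and known usernames take the same time.
            self._hash(password, b"\x00" * 16)
            ok = False
        else:
            salt, stored = record
            ok = hmac.compare_digest(self._hash(password, salt), stored)

        if ok:
            self._failures.pop(username, None)   # reset the counter on success
            return "ok"

        count += 1
        if self.lockout_enabled and count >= self.MAX_FAILURES:
            self._failures[username] = (0, now + self.LOCKOUT_SECONDS)
        else:
            self._failures[username] = (count, locked_until)
        return "denied"


def dictionary_attack(service, username, wordlist):
    """Try each guess in order; returns (outcome, attempts) where outcome is the
    recovered password, 'locked' if the account locked first, or None."""
    for attempts, guess in enumerate(wordlist, start=1):
        result = service.login(username, guess)
        if result == "ok":
            return guess, attempts
        if result == "locked":
            return "locked", attempts
    return None, len(wordlist)


if __name__ == "__main__":
    weak = AuthService(lockout_enabled=False)
    weak.register("alice", "hunter2")
    print("no lockout:", dictionary_attack(weak, "alice", WORDLIST))    # ('hunter2', 7)
    hard = AuthService()
    hard.register("alice", "hunter2")
    print("with lockout:", dictionary_attack(hard, "alice", WORDLIST))  # ('locked', 6)
```

A hard lockout has its own failure mode: an attacker who knows a username can lock the real user out on purpose. In practice the counter is usually combined with progressive delays, per-IP throttling and CAPTCHAs rather than used alone, and session tokens are issued fresh after each login so a hijacked pre-login session is worthless.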
3. XML External Entities (XXE)
4. Flawed Access Control Systems (ACS)
Web applications should always limit what each user can see and do, so that fraudulent or malicious users cannot reach data that is not meant for their eyes.
Unfortunately, many access control systems are badly implemented, and the attacker can bypass the controls to reach functions or data they are not authorized for. This can be anything from reading other users' data, viewing sensitive files or modifying other users' accounts to, in the worst case, performing administrative actions. A typical example is an endpoint that looks up a record by an ID taken from the URL without checking that the record belongs to the logged-in user; hiding the link in the user interface is not a control, because the attacker simply changes the ID.
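The following added example (not code from the original post) shows the two kinds of check such a system needs: an object-level check that the invoice being fetched belongs to the current user or the user is an admin, next to the vulnerable version that trusts the ID, and a function-level check that restricts an administrative action to the admin role. The users, invoices and roles are constructed for the demonstration.

```python
import functools
from dataclasses import dataclass


@dataclass(frozen=True)
class User:
    id: int
    role: str          # "user" or "admin"


@dataclass(frozen=True)
class Invoice:
    id: int
    owner_id: int
    amount: int


# Constructed sample data: invoice 101 belongs to user 1, invoice 102 to user 2.
INVOICES = {
    101: Invoice(id=101, owner_id=1, amount=250),
    102: Invoice(id=102, owner_id=2, amount=9900),
}


class Forbidden(Exception):
    """Raised when the current user may not perform the requested action."""


def get_invoice_vulnerable(current_user, invoice_id):
    # Authenticated, but not authorized: the id comes straight from the URL
    # and nothing checks that it belongs to current_user.
    return INVOICES[invoice_id]


def can_view_invoice(current_user, invoice):
    # Object-level rule: owners and admins only; anything else is denied.
    return current_user.role == "admin" or invoice.owner_id == current_user.id


def get_invoice_checked(current_user, invoice_id):
    invoice = INVOICES.get(invoice_id)
    # Same response for "missing" and "not yours", so valid ids cannot be enumerated.
    if invoice is None or not can_view_invoice(current_user, invoice):
        raise Forbidden(f"invoice {invoice_id} is not available to user {current_user.id}")
    return invoice


def require_role(role):
    """Function-level check for privileged operations such as admin actions."""
    def decorator(fn):
        @functools.wraps(fn)
        def wrapper(current_user, *args, **kwargs):
            if current_user.role != role:
                raise Forbidden(f"{fn.__name__} requires the {role} role")
            return fn(current_user, *args, **kwargs)
        return wrapper
    return decorator


@require_role("admin")
def delete_user(current_user, user_id):
    # Stand-in for the real deletion; returns what was deleted and by whom.
    return f"user {user_id} deleted by {current_user.id}"


def try_call(fn, *args):
    """Run an action as the given user: ('ok', result) or ('forbidden', None)."""
    try:
        return "ok", fn(*args)
    except Forbidden:
        return "forbidden", None


if __name__ == "__main__":
    alice, root = User(id=1, role="user"), User(id=99, role="admin")
    print(try_call(get_invoice_vulnerable, alice, 102))   # ('ok', Invoice(... owner_id=2 ...)): leak
    print(try_call(get_invoice_checked, alice, 102))      # ('forbidden', None)
    print(try_call(get_invoice_checked, root, 102))       # ('ok', Invoice(... owner_id=2 ...))
    print(try_call(delete_user, alice, 2))                # ('forbidden', None)
    print(try_call(delete_user, root, 2))                 # ('ok', 'user 2 deleted by 99')
```

The checks live next to the data access, not in the front end, and the ownership test is made by the server from the session's user, never from a user ID or role sent by the client.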
5. Cross-Site Scripting (XSS)