Security

Table of Contents

Introduction

Motivation

Incident reports

2017

2019

Attack vectors

Cross-Site Scripting (XSS)

Counter measures

Man-in-the-middle

Exploits

DLL hijacking (aka binary planting)

A malicious version of a DLL is placed at the top levels of the DLL search path, so it is loaded in place of the legitimate one. (see stackoverflow.com)

Example attacks:

Cross-Site Request Forgery

A session cookie is misused to perform actions on behalf of the user.

Counter measures:

Basics

General guidelines

Code quality

Data encryption for transmission

Never trust user input

Encryption

System configuration

Firewalls

Data encryption for storage

Post mortems

Penetration testing

Security newsletters

Network security

Application security

Tools

Canary tokens

Unsorted
