

CSV Injection with CSV Export Feature
Banking, ecommerce, and a number of other websites increasingly offer spreadsheet export functionality within their applications to help users download .XLS and .CSV files, but did you know of the CSV Injection risks?
How do you secure a website from hackers? Look at some of the expert tips and ensure that hackers stay away from you and your customers.
What is a DDoS? How to stop it? Learn what happened at Fishery of Randomland and how Frank survived a distributed denial of service attack on his website.
The current ‘automating everything’ approach for application security shouldn’t just be replaced. It should be buried for the greater good.
With the rising number of security lapses, the question is inevitable. While many companies understand the importance and need of proper web application security infrastructure, they do not know where to look for it.
Badlock is referenced for Microsoft Windows by CVE-2016-0128 / MS16-047 (Windows SAM and LSAD Downgrade Vulnerability) and for Samba by CVE-2016-2118 (SAMR and LSA man in the middle attacks possible).
In 1996, nine years after the launch of the World Wide Web Project, the number of websites had grown to two hundred thousand, with a growth of almost 1000% from the previous year. People started thinking of getting their business online.
Do you know about the recent bank cyber heist attempt in Bangladesh? Apparently, hackers tried to steal $951 million from the country’s account at the Federal Reserve Bank of New York. Although they were not able to get through with all the transactions, $81 million was still transferred to the Philippines.
DROWN allows hackers to decrypt browser-server communication in hours to attack servers and/or users. Shockingly, this newly found vulnerability
Did you know that 155 .GOV and .NIC domains were hacked last year? Learn about more such facts and figures from the security domain with Indusface.
It’s easy to lose track of things when so much information is being shared. Indusface brings you the most shared and viewed application security articles.
Somewhere in October, NASSCOM-DSCI closed nominations for the Excellence Award. From there, read Indusface’s journey to Emerging IS Product Company.