Security News > 2020 > May > Application threats and security trends you need to know about
Since modern applications aren't a monolithic whole but consist of many separate components "Glued together" over networks, attackers have at their disposal many "Doors" through which they can attempt access to the data.
"Access tier attacks are any that seek to circumvent the legitimate processes of authentication and authorization that we use to control who gets to use an application, and how they can use it. The result of this kind of attack is a malicious actor gaining entry to a system while impersonating a legitimate user. They then use the legitimate user's authorization to accomplish a malicious goal- usually data exfiltration," the analysts explained.
Attackers use a number of tactics to keep these attacks unnoticed, but organizations also have a lot of defensive options at their disposal to prevent them.
Attackers go where the data is, and that's why organizations in each sector/industry should develop risk-based security programs and tailor controls and architecture to reflect the threats they actually face, the analysts advise.
Spotting and foiling injection and formjacking attacks can be done with securing servers, patching injection vulnerabilities,employing change control, using web application firewalls, through testing and watching of all third-party components on sites with forms accepting critical information, and so on.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/iONx-pSx5TQ/
Related news
- MUT-1244 targeting security researchers, red teamers, and threat actors (source)
- Deloitte says cyberattack on Rhode Island benefits portal carries 'major security threat' (source)
- Are threat feeds masking your biggest security blind spot? (source)
- Week in review: MUT-1244 targets both security workers and threat actors, Kali Linux 2024.4 released (source)
- Cross-Domain Attacks: A Growing Threat to Modern Security and How to Combat Them (source)