Security News > 2020 > May > Application threats and security trends you need to know about

Since modern applications aren't a monolithic whole but consist of many separate components "Glued together" over networks, attackers have at their disposal many "Doors" through which they can attempt access to the data.

"Access tier attacks are any that seek to circumvent the legitimate processes of authentication and authorization that we use to control who gets to use an application, and how they can use it. The result of this kind of attack is a malicious actor gaining entry to a system while impersonating a legitimate user. They then use the legitimate user's authorization to accomplish a malicious goal- usually data exfiltration," the analysts explained.

Attackers use a number of tactics to keep these attacks unnoticed, but organizations also have a lot of defensive options at their disposal to prevent them.

Attackers go where the data is, and that's why organizations in each sector/industry should develop risk-based security programs and tailor controls and architecture to reflect the threats they actually face, the analysts advise.

Spotting and foiling injection and formjacking attacks can be done with securing servers, patching injection vulnerabilities,employing change control, using web application firewalls, through testing and watching of all third-party components on sites with forms accepting critical information, and so on.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/iONx-pSx5TQ/