Last month we hosted a webinar dedicated to discussing the issue of codebase security. As trends like secrets and credential exfiltration continue to be of concern within systems like GitHub, threats, such as cryptojacking and supply side attacks, have become more of a problem. This makes understanding key aspects of codebase security very important. That’s why we pulled out 4 lessons from our recent session that developers and security engineers must know.
SQL injection (SQLi) is one of the most common code-injection techniques used to get information from one’s database. Generally speaking, this is malicious code placing in one’s database via a page input, most often a registration form. SQL injection usually occurs when you ask a user for input, like their username/user ID, and instead of a name/id, the user gives you an SQL statement that you will unknowingly run on your database.
The United States Department of State is offering a reward of up to $10 million for information leading to the identification of anyone, working for a foreign government, who participates in a cybercriminal attack against American critical infrastructure. The news of the reward comes at the same time as the White House announced it was setting up a ransomware task force following a series of high-profile attacks in the United States.
Kroll experts have noticed an increase in distributed denial of service (DDoS) attacks by cybercriminals seeking to turn a profit in two distinct incident types. First, many ransomware operators are now threatening and conducting DDoS attacks as an additional pressure tactic during the ransom negotiation process. Second, also known as ransom denial of service (RDoS), attackers threaten DDoS attacks that will take down an organization’s public-facing services unless a ransom is paid.
LDAP is a way for organisations to store user credentials and use them later. It provides access control as well as mechanisms to read and modify data. If the LDAP server isn’t properly configured or secured with another layer of protection, then it could be vulnerable to an attack called LDAP injection. However, you can only protect your applications if you: 1) know what LDAP is and 2) understand what can go wrong with it.
An Advanced Persistent Threat is a sophisticated (rarely) multi-staged attack carried out by skilled and well-organised threat actors such as organised cybercrime syndicates and nation-state actors. The majority of the times, Advanced Persistent Threats (APT) are nothing more than a fancy name with much more media frenzy around the topic of cyber attacks.