‘Hidden Property Abusing’ Allows Attacks on Node.js Applications

31 July 2020

A team made up of security researchers from the Georgia Institute of Technology has found a way to exploit Node.js applications by manipulating the hidden properties used to track internal program states, the group plans to announce at the virtual Black Hat USA security conference next week. The novel attack technique, dubbed Hidden Property Abusing, allows a remote attacker to inject new values into Node.js programs through passing objects that the framework, under the right circumstances, will treat as internal data.

Read full article on Dark Reading: Cloud

Date:

31 July 2020

Categorie(s):

NEWS

Tag(s):

Application, Attacks, Cloud, Nodes, Property

Dating apps kiss’n’tell all sorts of sensitive personal info4 May 2024
Multilogin Antidetect Browser Review 20244 May 2024
Navigating the API Security Landscape: A CEO’s Perspective on Embedding Zero Trust Principles4 May 2024
Lightsail VPN Review: Is Lightsail VPN Safe? [+Best Alternatives]4 May 2024
How To Secure Your Business In The Times Of All-pervasive Hackers4 May 2024