Tackling cross-site request forgery (CSRF) on company websites

23 March 2021

Everyone with half a mind for security will tell you not to click on links in emails, but few people can explain exactly why you shouldn’t do that (they will usually offer a canned ‘hackers can steal your credentials if you do’ explanation) Cross-Site Request Forgery (CSRF) is that reason. Clicking on that link means that an attacker can fake any user-supplied input on a site and make it indistinguishable from a user doing it themselves.

Read full article on Help Net Security

Date:

23 March 2021

Categorie(s):

NEWS

Tag(s):

CSRF, IT, News, XSS

Aussie Early Adopters of Copilot for Security2 May 2024
Hacker free-for-all fights for control of home and office routers everywhere2 May 2024
Verizon’s 2024 Data Breach Investigations Report: 5 key takeaways2 May 2024
Dropbox dropped the ball on security, haemorrhaging customer and third-party info2 May 2024
Block accused of mass compliance failures that saw digi-dollars reach terrorists2 May 2024