Snyk·3yHow to protect Node.js apps from CSRF attacks
This article explores how CSRF attacks work in Node.js applications and provides strategies to protect against them. It covers the synchronizer token pattern (STP), SameSite cookies, and the Double Submit Cookie pattern. The article also mentions the importance of testing CSRF protection and provides best practices for securing Node.js applications.
freeCodeCamp·3yWhat is Tabnabbing and How to Prevent it
Tabnabbing is a type of phishing attack that targets inactive tabs in a browser, redirecting users to malicious sites resembling legitimate ones. To prevent tabnabbing, you can use the `noopener` and `noreferrer` attributes when opening links in a new tab.
asayer·3yFront End Security: Threats and Countermeasures
Front-end security is crucial for protecting user data, ensuring user authentication, and establishing secure communication. Common threats include Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and Clickjacking. Preventive measures include implementing Content Security Policy (CSP), input sanitization, CSRF tokens, frame-busting scripts, and HTTPS with valid SSL/TLS certificates.
Community Picks·3yGoogle Cloud mitigated largest DDoS attack, peaking above 398 million rps
Google mitigated the largest DDoS attack to date, peaking above 398 million requests per second (rps). The attack used a novel technique called HTTP/2 Rapid Reset based on stream multiplexing. Google coordinated with industry partners to understand the attack mechanics and collaborated on mitigations. The attack vulnerability has been designated as CVE-2023-44487 with a CVSS score of 7.5. Any enterprise or individual serving an HTTP-based workload may be at risk and should apply relevant patches or verify server vulnerability.
Laravel News·3y7 Tips for Adding a Second Server to your App
Adding a second server to your app can improve performance and reliability. Considerations include load balancer setup, handling databases and caching, managing user uploaded content, queue workers, scheduled commands, deployment strategy, and network security.
System Weakness·3yHow to Bypass Windows Passwords using Kali Linux
Learn how to bypass Windows passwords using Kali Linux. Reset/remove forgotten passwords on any Windows computer without formatting the hard disk. Create a bootable USB of Kali Linux using Rufus. Use the chntpw program to remove the Windows password.
Noted·3yMicroBin: Self-Hosted Pastebin for Simplifying Sharing
MicroBin is a self-hosted pastebin that simplifies sharing long texts, large files, and sensitive documents securely. It also functions as a URL shortener and secure upload host. The core features of MicroBin include server-side and client-side encryption, file uploads, raw text serving, QR code support, and more. In version 2.0, MicroBin introduced URL shortening ability. Despite a drawback of pastes not persisting after container restarts, MicroBin is well-designed and effective. It is recommended for those who don't mind this issue and are interested in self-hosting and open-source solutions.
