• About
  • Archive
  • Contact
  • basefarm.com
Basefarm Blog
  • Big Data blog
  • Cloud blog
  • Security blog
  • DevOps blog
  • Menu

Web Security Vulnerabilities and How to Fix them

Wondering how to fix web security vulnerabilities? Scan regularly with tools like Detectify, do in-depth fixing and establish a security directed culture. This is easier with DevOps tools.

Web applications can have multiple vulnerabilities that are difficult to discover manually. Here you will get an overview of the most common security issues, how to check your application status, and get a security researcher’s best security advice.

 To you, it is probably old news: every web application can have vulnerabilities, whether it’s linked to a major kernel system or a single web site based on a popular CMS solution.

Many applications are developed over long periods of time with contributions from different environments and people. If you have been programming yourself, you know that the goal is usually to fix a fault or get something to work. When everything is solved after many hours of work, it is easy to just launch the application as it is, and avoid thinking about security concerns.

«The biggest security mistake of them all is to skip vulnerability detection work. Another issue is actually being aware of vulnerabilities and doing nothing. This is more common than you can imagine. Typically, major security vulnerabilities are fixed while smaller ones remain. Multiple low-risk issues quickly add up to a major security issue,» says Linus Särud, Security Researcher at Detectify.

Integrate security in all parts of your business

So, what is the security advice that beats all others? Make security an integrated part of the business culture and application development.
This might be a challenge because typically, security is an addition to everything else and is hard to prioritize.

«From the starting point of a new web application project, you can establish security as an integrated part of the process. This applies particularly to DevOps processes where everyone from development to the IT management department works on the same platform.» he says.

He continues: «However, starting over is not always that easy. Most developers navigate in complex solutions built by multiple applications and integrations. In such cases, you must analyze vulnerabilities, repair and leverage security in the existing structure. Fixing is great, but you must dive deeper into the structures to be better prepared against future threats.»

Four approaches to cyber security

What are the most common web security vulnerabilities? Typically, hackers will exploit vulnerabilities until they are patched and move to the next in line. Therefore, the security vulnerability field is constantly changing.

Here are four approaches to cyber security you should dedicate some time to right now.

1.  OWASP Top 10 anno 2017

The Open Web Application Security Project (OWASP) is a worldwide not-for-profit, charitable organization focused on improving the security of software.

The OWASP’s mission is to create awareness of software security and make it a priority. This is reflected in the top 10 series.

Basefarm’s web application vulnerability assessment partner Detectify has developed an OWASP Top 10 list and a scanner that lets you test your website for vulnerabilities. The list includes code injection, broken authentication, sensitive data exposure, XML external entities (XXE), broken access control, security misconfiguration and more.

2. Common e-commerce security mistakes

Attackers can intercept requests from shopping cart to server and currency. Changing the currency from USD to WON would make the order a thousandth of the price cheaper. Luckily, simply changing the price had its peak some years ago and usually does not work anymore.

Transferring funds between gift cards can be done through a vulnerability class called race condition. This was successfully tested on where it was possible to make several USD 5 transfers from one card holding USD 5 to two other cards.
Gift cards using incrementing IDs make it easy to guess and use gift card numbers. A similar exploit is to test for example the coupon code «superCheap_50» when you already know that «superCheap_10» gives you 10 per cent off.

Want to know more? Read the Detectify blog where 7 common e-commerce security mistakes are explained.

3. Implementing HTTPS the right way

HTTPS is one of the simplest security measures you can implement. Strangely, many applications ran vulnerable HTTP sites until Google prioritized HTTPS sites in its search engine results. This combined with security concerns boosted the use of HTTPS.

4. Detectify automated 1000+ security tests

Detectify has developed a website vulnerability scanner that performs fully automated tests to identify a 1000+ vulnerabilities. It is continuously updated by a crowdsourced community of 150+ white-hat hackers.

For someone not used to working with security, it can feel overwhelming and hard to understand what to prioritize in a report. Luckily, a service provider with security experience such as Basefarm can assist with this. Read more about our services on our website or contact us directly to learn more!

BIO

Linus Särud (Twitter: @_zulln), 19, already had an interest for IT security when he was only 13 years old. At 14, he got into ethical hacking and discovered severe security vulnerabilities in Google applications as well as contributed IT security articles for IDG Sweden. Today he works as a security researcher for Detectify, a Swedish web security company. At Detectify, Linus is conducting extensive security research, managing the Detectify Labs blog and coordinating 150+ ethical hackers that are part of Detectify’s Crowdsource network.

Download our Cloud Guide

What should you focus on in order to take the next step in your company’s cloud journey?
With help from over 200 IT professionals and a Cloud Maturity Ladder, this report will help you to focus, prioritize and it will guide you to the next level.

Big data consulting

Find undiscovered secrets in your data and on the web: intelligent algorithms provide you with unique knowledge about your customers and your business.

Read more

Image by Glenn Carstens-Peters from Unspalsh

0-days in Microsoft exchange servers

March 3, 2021/in Security blog /by Rebecca Mybrand

Published: 2021-03-02CVE-2021-26855CVE-2021-26857CVE-2021-26858 CVE-2021-27065  “Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to […]

Read more
https://blog.basefarm.com/wp-content/uploads/2021/03/glenn-carstens-peters-npxXWgQ33ZQ-unsplash-scaled.jpg 1703 2560 Rebecca Mybrand https://blog.basefarm.com/wp-content/uploads/2018/03/basefarm-logo-blue-1.png Rebecca Mybrand2021-03-03 14:33:042021-03-03 14:34:190-days in Microsoft exchange servers
Image by David Mark from Pixabay

Centreon IT monitoring software and Russian Sandworm hackers

February 16, 2021/in Security blog /by Hans-Petter Fjeld

Basefarm has become aware of published news telling of Russian-accredited advanced persistent threat actors, given the name of Sandworm, having exploited Centreon IT monitoring software. Basefarm is aware that some news report mention Orange as on the customer-list of Centreon and while Basefarm is owned by Orange Business Services we would like to make it […]

Read more
https://blog.basefarm.com/wp-content/uploads/2021/02/beach-1751455_1920.jpg 1277 1920 Hans-Petter Fjeld https://blog.basefarm.com/wp-content/uploads/2018/03/basefarm-logo-blue-1.png Hans-Petter Fjeld2021-02-16 12:32:292021-02-16 12:45:05Centreon IT monitoring software and Russian Sandworm hackers
Image by Peter H from Pixabay

Microsoft Windows Multiple Security Updates Affecting TCP/IP | CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086

February 10, 2021/in Vulnerability bulletin /by Hans-Petter Fjeld

Published: 2021-02-09MITRE CVE-2021-24074MITRE CVE-2021-24094MITRE CVE-2021-24086 “Microsoft released a set of fixes affecting Windows TCP/IP implementation that include two Critical Remote Code Execution (RCE) vulnerabilities (CVE-2021-24074, CVE-2021-24094) and an Important Denial of Service (DoS) vulnerability (CVE-2021-24086). The two RCE vulnerabilities are complex which make it difficult to create functional exploits, so they are not likely in the […]

Read more
https://blog.basefarm.com/wp-content/uploads/2021/02/luggage-3297015_1920.jpg 1236 1920 Hans-Petter Fjeld https://blog.basefarm.com/wp-content/uploads/2018/03/basefarm-logo-blue-1.png Hans-Petter Fjeld2021-02-10 13:53:312021-02-10 13:53:32Microsoft Windows Multiple Security Updates Affecting TCP/IP | CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086
Mikael Karlsson

Don’t get caught in the cold with ransomware

February 8, 2021/in Security blog /by Hans-Petter Fjeld

Ransoms is sadly the trend these days. We want to share a cheap and effective way to enable prevention that most probably fail to consider. Using the ransomware simulator from KnowBe4, RanSim, we could see that our endpoints did no prevention previously. An easy way to minimize the attack surface for ransomware is to use […]

Read more
https://blog.basefarm.com/wp-content/uploads/2021/02/8474B4E3-52AA-4E37-A9E2-1205A48E6669_1_105_c.jpeg 768 1024 Hans-Petter Fjeld https://blog.basefarm.com/wp-content/uploads/2018/03/basefarm-logo-blue-1.png Hans-Petter Fjeld2021-02-08 17:35:152021-02-08 17:35:17Don't get caught in the cold with ransomware
House in winter wonderland.Image by Hermann Schmider from Pixabay

CVE-2021-3156 | Heap-Based Buffer Overflow in Sudo

January 27, 2021/in Vulnerability bulletin /by Hans-Petter Fjeld

Published: 2021-01-26MITRE CVE-2021-3156 “The Qualys Research Team has discovered a heap overflow vulnerability in sudo, a near-ubiquitous utility available on major Unix-like operating systems. Successful exploitation of this vulnerability allows any unprivileged user to gain root privileges on the vulnerable host.” This is especially bad for multi-user environments where some users have login access, but […]

Read more
https://blog.basefarm.com/wp-content/uploads/2021/01/house-5914171_1920.jpg 1282 1920 Hans-Petter Fjeld https://blog.basefarm.com/wp-content/uploads/2018/03/basefarm-logo-blue-1.png Hans-Petter Fjeld2021-01-27 11:26:022021-01-27 11:26:03CVE-2021-3156 | Heap-Based Buffer Overflow in Sudo
Image by Ervin Gjata from Pixabay

SolarWinds Supply Chain Attack to Compromise Victims With SUNBURST Backdoor

December 16, 2020/in Security blog /by Hans-Petter Fjeld

There is an ongoing news-story concerning SolarWinds and a supply chain attack used by an advanced threat actor to compromise victims with a rather advanced backdoor. Basefarm does not use this affected product, but are aware of at least one of our customer who do. We are working with the customer in question to mitigate […]

Read more
https://blog.basefarm.com/wp-content/uploads/2020/12/snow-5759500_1920.jpg 1280 1920 Hans-Petter Fjeld https://blog.basefarm.com/wp-content/uploads/2018/03/basefarm-logo-blue-1.png Hans-Petter Fjeld2020-12-16 11:09:462020-12-16 11:10:27SolarWinds Supply Chain Attack to Compromise Victims With SUNBURST Backdoor
Image by adege from Pixabay

CVE-2020-17095 | Windows Hyper-V Remote Code Execution Vulnerability

December 11, 2020/in Vulnerability bulletin /by Hans-Petter Fjeld

Published: 2020-12-08MITRE CVE-2020-17095 “A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit this vulnerability, an attacker could run a specially crafted application on a Hyper-V guest that could cause the Hyper-V host operating system to […]

Read more
https://blog.basefarm.com/wp-content/uploads/2020/12/hoarfrost-4739176_1920.jpg 1076 1920 Hans-Petter Fjeld https://blog.basefarm.com/wp-content/uploads/2018/03/basefarm-logo-blue-1.png Hans-Petter Fjeld2020-12-11 11:49:082020-12-11 11:52:00CVE-2020-17095 | Windows Hyper-V Remote Code Execution Vulnerability
Windows update

NSA publishes advisory on 25 vulnerabilities used by Chinese state sponsored hackers

October 23, 2020/in Basefarm SIRT, Security blog, SIRT /by Raymond Aarseth

The National security Agency in the United States recently released an advisory warning of the threat of Chinese state sponsored attacks and detailed 25 vulnerabilities used. The advisory gives detailed information about the vulnerabilities, what it affects and how to remediate them. Most of them are remotely exploited and can be used to gain initial […]

Read more
https://blog.basefarm.com/wp-content/uploads/2020/01/upgrade-3727076_1920.jpg 1153 1920 Raymond Aarseth https://blog.basefarm.com/wp-content/uploads/2018/03/basefarm-logo-blue-1.png Raymond Aarseth2020-10-23 15:40:482020-10-23 15:40:50NSA publishes advisory on 25 vulnerabilities used by Chinese state sponsored hackers
Remote beach accessPhoto by Caleb George on Unsplash

CVE-2020-16891 | Windows Hyper-V Remote Code Execution Vulnerability

October 14, 2020/in Vulnerability bulletin /by Hans-Petter Fjeld

Published: 2020-10-13MITRE CVE-2020-16891 “A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system.” This is especially bad for “hotel” environment with multiple different tenants that should not be able to influence each other, but it is also bad […]

Read more
https://blog.basefarm.com/wp-content/uploads/2020/10/caleb-george-vz4C-noFOOI-unsplash-scaled.jpg 2560 1920 Hans-Petter Fjeld https://blog.basefarm.com/wp-content/uploads/2018/03/basefarm-logo-blue-1.png Hans-Petter Fjeld2020-10-14 17:57:472020-10-14 17:57:49CVE-2020-16891 | Windows Hyper-V Remote Code Execution Vulnerability
Road giving access to remote areaPhoto by Ricardo Esquivel from Pexels

CVE-2020-16898 | Windows TCP/IP Remote Code Execution Vulnerability

October 14, 2020/in Vulnerability bulletin /by Hans-Petter Fjeld

Published: 2020-10-13MITRE CVE-2020-16898 “A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets.” This vulnerability affects Windows 10, Server 2019 and Server Core versions (see full Security Advisory for proper details). It can be mitigated by disabling a network feature or blocking ICMPv6 Router Advertisement packets. Basefarm and […]

Read more
https://blog.basefarm.com/wp-content/uploads/2020/10/pexels-ricardo-esquivel-3041347-scaled.jpg 2560 1707 Hans-Petter Fjeld https://blog.basefarm.com/wp-content/uploads/2018/03/basefarm-logo-blue-1.png Hans-Petter Fjeld2020-10-14 17:41:352020-10-14 17:45:49CVE-2020-16898 | Windows TCP/IP Remote Code Execution Vulnerability
Page 1 of 61123›»

Recent Posts

  • 0-days in Microsoft exchange servers
  • Centreon IT monitoring software and Russian Sandworm hackers
  • Microsoft Windows Multiple Security Updates Affecting TCP/IP | CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086
  • Don’t get caught in the cold with ransomware
  • CVE-2021-3156 | Heap-Based Buffer Overflow in Sudo
Subscribe via RSS

Recent Comments

  • kuncham on Oracle fixes vulnerabilities
  • Oracle Appications on Oracle Patch Update April 2013
  • Anudeep on How to install Logstash on Windows Server 2012 with Kibana in IIS.
  • Kumar on How to install Logstash on Windows Server 2012 with Kibana in IIS.
  • Øyvind Dyrnes on December 2 – Regularly download security updates and “patches”

Archive

  • 2021
  • 2020
  • 2019
  • 2018
  • 2017
  • 2016
  • 2015
  • 2014
  • 2013
  • 2012
  • 2011
© Copyright - Basefarm Security Blog
  • Facebook
  • Twitter
  • Instagram
  • Mail
Data Thinking: A Guide to Success in the Digital Age Half of Execs Feel Unprepared to Respond to a Cyber-Incident.
Scroll to top