[ Security for Web Developers ] :: 08: What Can Hurt You

What You Know Can Hurt You. What You Don’t Know Can Hurt You.

Most so-called hackers are really just script kiddies:
http://www.hackpconline.com/2010/05/painfully-computer-pranks.html.

Most of the fruit is low-hanging:
https://www.toptal.com/security/10-most-common-web-security-vulnerabilities.

Real exploit developers who find real vulns go much deeper:
http://blog.dewhurstsecurity.com/2013/04/17/http-form-password-brute-forcing-the-need-for-speed.html.

Public and private groups share information (unfortunately, not to an equal degree) about newly discovered exploits: “zero day” exploits.

The most wicked exploits are saved for the highest-value targets and demonstrate vast knowledge and skill, for example Stuxnet:
http://arstechnica.com/tech-policy/2012/06/confirmed-us-israel-created-stuxnet-lost-control-of-it/.

Part of your equation is realistically considering the value – or controversy – of your website goodies.

Next: http://schoolforhackers.com/security-web-developers-exploits/

One Reply to “[ Security for Web Developers ] :: 08: What Can Hurt You”

Comments are closed.