What is Web Attack?

There are several ways attackers can attack Web applications (websites which allow you to interact directly with software via the browser) to steal confidential information or introduce malicious codes or hijack your computer. These attacks exploit vulnerabilities in components like web apps or content-management systems, as well as web servers.

Web app attacks make up the majority of security threats. Over the last 10 years attackers have developed their skills in finding and exploiting vulnerabilities that can affect application perimeter defenses. Attackers are able to bypass the all common defenses using methods like botnets, phishing and social engineering.

Phishing attacks make victims click on an email link containing malware. This malware downloads to their computer, allowing attackers to hijack devices or systems to use for other motives. Botnets are a group of infected or compromised connected devices that attackers can use to launch DDoS attacks as well as spreading malware, perpetuating fraud in advertising and more.

Directory (or path) traversal attacks use movements patterns to gain access to files on websites, their configuration files as well as databases. To defend against this type of attack requires the right input sanitization.

SQL injection attacks target the database which stores crucial data for websites and services by injecting malicious code that allows it to override security safeguards and release information that it normally wouldn’t. Attackers can run commands, dump database and more.

Cross-site scripting attacks (or XSS), insert malicious code on a trusted site to hijack the browsers of users. This allows attackers to steal session cookies and confidential information, impersonate a user to alter content, and more.

http://liveright.us/what-to-expect-from-board-software