Posted on

How to Protect Against XSS Attacks in Java

Cross-Site Scripting (XSS) attacks are a form of threat that takes advantage of vulnerabilities in web applications to prey on user information. Using malicious scripts, attackers can reach different users through a usually trustworthy web page and access any information logged in the browser by the user including cookies and other sensitive information. These kinds of attacks can occur wherever a web program accepts user input without validation and subsequently uses it within its output.

It is important to take all necessary steps toward protecting your users, and this is especially true in the case of XSS attacks, as a user may only be aware of their use of your website, and not the malicious actor who is threatening them. This can then harm your website’s reputation as users will relate any issues to its users and may be disinclined to return.

Posted on

What You Should Actually Know About Security in Ruby on Rails?

Introduction to Ruby-on-Rails

A popular development environment, Ruby on Rails features a simple syntax. The environment is accommodating by nature, allowing teams of varying sizes to work in complete harmony. Developers find it fairly easy to learn, and thus, it is one of the most popular development technology available today.

Security Issues With Ruby on Rails

Thanks to Apple, the web development framework saw an overnight upsurge in its popularity. However, in  2012, security breaches invited massive criticism from its patrons.

Posted on

The End of CoinHive and the Rise of Cryptojacking

CoinHive is a service that was created in September 2017. It allows users to mine Monero cryptocurrency using JavaScript. CoinHive has remarkably changed the income models of content developers over the course of its 18 month-long adventure. However, due in large part to the drop in hash rate (over 50 percent) after a previous Monero hard fork, and the crash of the market with the value of XMR depreciating more than 85 percent in one year, the service ended March 8, 2019. In this blog post, we look at how crypto mining has developed and how attackers have taken advantage of these models to develop a new attack vector called cryptojacking.

The Beginning of ByteCoin and Monero

In 2013, Nicolas van Saberhagen released the CryptoNote protocol. It was commonly used on the infrastructure of many coin types, including ByteCoin. The inventor of ByteCoin has been unknown since he announced the cryptocurrency anonymously on the Bitcointalk forum.