cross-site-scripting

Follow Ensighten's blog to keep updated on the latest Magecart attacks and other news from today’s cyber threat landscape
Read
April 16, 2021 - Ensighten

How Can You Defend Against Cross-Site Scripting (XSS) Attacks?

XSS is based on client-side code injection: attackers insert malicious scripts into a legitimate application, which then piggybacks onto the altered script within the user’s web browser. These...
Read
February 21, 2020 - Ensighten

The Strengths and Limitations of a Content Security Policy (CSP)

Not that long ago, Magecart threats were only on the risk radar of ecommerce InfoSec teams but highly publicized attacks against businesses such as Macy’s, Ticketmaster, Forbes, MyPillow, AmeriSleep...
Read
December 18, 2019 - Ensighten

Protecting Against Web Application Attacks

2019 has been the year of the web application attack. In the 18 months between January 2018 and June 2019, researchers have recorded more than four billion web application attacks. Cybercriminals use...
1