In 1979, four Atari developers asked the CEO if they could be credited and paid royalties for the hit games they made, as record labels do with musicians. The CEO insisted, "anybody can do a cartridge."
So, they ultimately quit and formed their own company named Activision.
3. Cross-Site Scripting
4. Cross-Site Request Forgery
Also known as CSRF, this is an attack where a malicious website or program causes the browser to perform an unwanted action on a site where the user is currently authenticated.
This is notoriously dangerous since the attacker has unlimited access.
5. Insecure Cryptographic Storage
This is where sensitive data, such as passwords, are not securely encrypted and stored. This is a common developer mistake.
Always salt sensitive data before hashing it, and never save the plain text in your database.
6. Unvalidated Redirects and Forwards
This is when a website has no proper validation while redirecting users to other pages. An attacker can use this to send users to other malicious sites.
They can also use unvalidated forwards to access unauthorized pages within your app.
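One way to validate a redirect target before using it, shown as an added example (not code from the original thread). `APP_ORIGIN`, `ALLOWED_HOSTS`, `FALLBACK` and `safeRedirect` are assumed names for illustration, and the sample inputs in the comments are constructed.

```javascript
// Assumed deployment values, for illustration only.
const APP_ORIGIN = 'https://app.example';
const ALLOWED_HOSTS = new Set(['app.example', 'accounts.example']);
const FALLBACK = '/';

// Returns a destination that is safe to put in a Location header,
// or FALLBACK when the requested target fails validation.
function safeRedirect(target) {
  if (typeof target !== 'string' || target.length === 0) return FALLBACK;

  // URL parsers silently strip tab/CR/LF, so a naive string check and the
  // browser can disagree about the same value. Reject control characters.
  if (/[\u0000-\u001f\u007f]/.test(target)) return FALLBACK;

  let url;
  try {
    // Parse exactly as a browser would, resolving relative paths
    // against our own origin.
    url = new URL(target, APP_ORIGIN);
  } catch {
    return FALLBACK;
  }

  // Decide on the parsed components, never on string prefixes:
  // "//host", "/\host" and "trusted@host" all parse to a foreign host.
  if (url.protocol !== 'https:') return FALLBACK;
  if (url.username !== '' || url.password !== '') return FALLBACK;
  if (!ALLOWED_HOSTS.has(url.host)) return FALLBACK; // host includes any non-default port

  // Same-origin targets are returned as a path so the origin cannot change.
  if (url.origin === APP_ORIGIN) return url.pathname + url.search + url.hash;
  return url.href;
}

// Constructed sample inputs:
//   safeRedirect('/account/settings?tab=2')           -> '/account/settings?tab=2'
//   safeRedirect('https://accounts.example/profile')  -> 'https://accounts.example/profile'
//   safeRedirect('//evil.example/login')              -> '/'
//   safeRedirect('https://app.example@evil.example/') -> '/'
```

The check runs on the server at the moment of redirecting, not only when the link is generated, because the parameter can be changed in transit by whoever crafts the link.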
7. Insecure Direct Object References
This is when there is no proper authentication while downloading files. An attacker can use this to download your backups, emails, app code, and more.
They can also exploit this to crash your server by sending multiple bot requests.
8. Using Vulnerable Code
This one is on the developer. Directly copying and pasting the code you got on the internet is a bad practice as it can be malicious.
Always read every line of the code that you copy and paste, and make sure that it does only what you want it to do.
9. Cross-Origin Resource Sharing
CORS allows restricted resources on a web page to be requested from a domain other than the one that served the page.
A badly implemented CORS policy can lead to major security breaches like API leaks, loss of personal data and files, and more.
10. Not having an SSL certificate
If you don't have an SSL certificate on your website, then the communication between your server and the browser is not encrypted.
This means all the confidential information might be accessed by hackers. Not to mention that Google downranks such websites.
That's all for now.
If you liked the thread, make sure to:
1. Follow me @parik36
2. Retweet the first tweet
Thank you so much for getting to the end of the thread 💙! Let me know what you think below 😊.