News

A CSRF attack is a serious Web security threat that, combined with XSS, can be lethal. Learn about the CSRF attack’s anatomy, along with mitigation methods.
MonkeyFist is a Python-based Web server tool that listens and automates per-request, dynamic CSRF attacks. In the demo here, MonkeyFist pointed a Newsweek.com "user" to a "bad guy's" site via the ...
Two security researchers have released details on some very scary Cross-Site Request Forgery (CSRF) attacks that affect some of the largest sites on the web. The sites detailed in the report from ...
Researchers from Princeton University today revealed their discovery of four major Websites susceptible to the silent-but-deadly cross-site request forgery (CSRF) attack -- including one on ...
True, CSRF is not as common nowadays, but it doesn’t mean it’s not harmful to a web app or website. On the contrary, it can cause big problems for your business and your users. The prominent examples ...
The Register’s Dan Goodin has news about a belated but significant move by Google to protect its Gmail and other services from CSRF (cross-site request forgery) attacks. In recent days, Google ...
French researcher Kafeine has found an exploit kit delivering cross-site request forgery attacks that focus on SOHO routers and changing DNS settings to redirect to malicious sites.
Unlike an XSS attack, which tricks the site into uploading malicious code, CSRF simply has the site execute legitimate commands – just not commands issued by the user.