Tag: security

Java Deserialization Attacks: Understanding and Preventing a Silent Killer

Most developers think of SQL injection, cross-site scripting, or authentication flaws when building secure Java applications. But lurking in the background is a critical, subtle and dangerous vulnerability: deserialization attacks. In fact, this class of issues is recognised by OWASP as part of the Top 10:2021 security risks, specifically under #8: Software and Data Integrity […]
Denis Zygann 0 Comments

Path Traversal via File Upload in Java: What You Need to Know

File uploads are a common feature in many web applications, but they can be a serious security risk if not handled properly. One of the lesser-known (but highly dangerous) vulnerabilities is Path Traversal via File Upload. It’s a variation of an insecure file upload, which directly contributes to Broken Access Control, the #1 security risk […]
Denis Zygann 0 Comments

SQL Injection in Java: Still a Threat — Here’s How to Stop It

In today’s connected world, data breaches are becoming alarmingly frequent, often caused by vulnerabilities in web applications. One of the most notorious and dangerous vulnerabilities is SQL Injection. In fact, Injection attacks (which include SQL Injection) are ranked #3 in the OWASP Top Ten 2021, highlighting how critical and widespread this problem remains—even after years of awareness. SQL Injection allows attackers […]
Denis Zygann 0 Comments