Client-Side Protection is Key to Web Application Security
The Open Web Application Security Project (OWASP) Foundation defines script attacks as a "type of injection in which malicious scripts are injected into otherwise benign and trusted websites." From the perspective of the user, malicious code is coming from trusted websites. Recently popularized by Magecart hacker groups, script attacks have focused on the web skimming of cookies, tokens, and — most commonly — personally identifiable information (PII) such as payment information, medical records, and other types of sensitive information. Continue reading Client-Side Protection is Key to Web Application Security