What Is the Best Validation Logic for an Internal API Gateway in Trading Systems?

Context:
To briefly describe our system, we are preparing a cryptocurrency exchange platform similar to Binance or Bybit. All requests are handled through APIs. We have an External API Gateway that receives and routes client requests as th…

How do I ensure that my web application’s accessibility features do not introduce security vulnerabilities? [closed]

I am currently working on a web application where accessibility is a high priority. We’ve implemented several accessibility features, such as:

ARIA (Accessible Rich Internet Applications) attributes for screen reader support
Keyboard navi…

"Blind SQL Injection (Time-Based)" vulnerability in ASP.NET web application

I am working on an ASP.NET web application, and a recent security scan (conducted using SecurityMetrics) flagged a vulnerability related to Blind SQL Injection (Time-Based). Here are the details of the report:
Impact (as per the scan repor…

Is it possible to proxy USB and disconnect when a certain sequence is intercepted before it is (fully) passed to the real USB device?

Let’s assume:

I have a piece of software (with a webUI) that has access to a USB device through the host OS.
The software itself can’t be changed.
The software has the ability to perform a firmware flash on the USB device, also remotely w…