How Wi-Fi Attackers Are Poisoning Web Browsers
Web browsers are the primary target for many attackers because so much sensitive data passes through them. From casual shopping to enterprise management systems to military operations, browsers have become the primary vehicle people use to access network-connected systems. Unfortunately, browsers have a long and storied history of vulnerabilities that have provided attackers with a lucrative and near-endless supply of victims upon which to prey. Here are the most common web browser security vulnerabilities to watch out for:
How to avoid: Turn on automatic updates in your browser of choice. This type of vulnerability is usually quickly patched by the browser or OS vendor, so attackers have a very short window in which to use it against fully updated systems.
SQL injection has been a known problem for over 10 years, with the Open Web Application Security Project (OWASP) keeping it toward the top of its Top 10 threats list. Using an SQL injection, attackers can add SQL commands to a website in order to access and edit data on the server. Attackers can use web forms, cookies, or HTTP POST requests to inject their malicious code into the browser. The goal of these attacks is typically to steal, delete, or manipulate the data that businesses store on their servers, including customer names, social security numbers, and payment information.
WikiLeaks was also targeted by attackers who used a DNS cache poisoning attack to hijack its traffic and send it to their own WikiLeaks-like version of the site. This was an intentional attack designed to keep traffic away from WikiLeaks, and it had some success.
Individuals who use the legitimate site enter the banking domain into their browsers but open the malicious website instead. Most attackers test and verify that the spoofed site is well-made, but occasionally, a few minor errors give the spoofed site away. For example, the malicious website typically has no encryption certificate installed, so the connection is cleartext. An unencrypted connection is a clear red flag that the hosted site is not a banking website. Browsers alert users that a connection is not encrypted, but many users miss or ignore the warning and enter their username and password anyway.
The browser automatically resolves the domain address without any user intervention, so the user has no reason to be suspicious. This is one reason DNS cache poisoning is such a sneaky type of cyber attack.
Web cache poisoning is a more recent type of cache poisoning attack. In this advanced technique, an attacker exploits the behavior of a web server and cache to serve a harmful or malicious HTTP response to unsuspecting users. The attackers often abuse unkeyed inputs to take control of web caches and manipulate platforms, such as Drupal and Mozilla's Firefox browser.
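The following added example (not from the original article) models the unkeyed-input problem described above and two ways to close it. The origin, cache class, and host names are hypothetical, and the choice of `X-Forwarded-Host` as the unkeyed header is an assumption made for illustration.

```python
# Constructed toy model of a cache in front of an origin server.
# All names are hypothetical; X-Forwarded-Host is an assumed unkeyed input.

def origin(path, headers):
    """Origin builds a script URL from X-Forwarded-Host when it is present."""
    host = headers.get("X-Forwarded-Host", headers["Host"])
    return f'<script src="https://{host}/static/app.js"></script>'

class Cache:
    def __init__(self, keyed_headers=("Host",), strip_headers=()):
        self.keyed_headers = keyed_headers    # headers that form the cache key
        self.strip_headers = strip_headers    # headers dropped before the origin
        self.store = {}

    def fetch(self, path, headers):
        # Remove headers the origin should never see from clients.
        headers = {k: v for k, v in headers.items()
                   if k not in self.strip_headers}
        # The cache key decides which requests share a stored response.
        key = (path,) + tuple(headers.get(h, "") for h in self.keyed_headers)
        if key not in self.store:
            self.store[key] = origin(path, headers)
        return self.store[key]

def victim_sees_foreign_host(cache):
    """True if a normal visitor gets a response shaped by another client's header."""
    # First client sends a header that changes the response but not the key.
    cache.fetch("/", {"Host": "shop.example",
                      "X-Forwarded-Host": "other.example"})
    # Second client sends an ordinary request for the same page.
    body = cache.fetch("/", {"Host": "shop.example"})
    return "other.example" in body

# Weak: the header influences the response but is not part of the key.
weak = Cache()
# Fix 1: include the header in the cache key so responses are not shared.
keyed = Cache(keyed_headers=("Host", "X-Forwarded-Host"))
# Fix 2: strip the header at the cache so the origin never reflects it.
stripped = Cache(strip_headers=("X-Forwarded-Host",))

if __name__ == "__main__":
    for name, cache in (("weak", weak), ("keyed", keyed), ("stripped", stripped)):
        print(name, "poisoned" if victim_sees_foreign_host(cache) else "clean")
```

The same check works as an audit: any request header that changes the response body while leaving the cache key unchanged should either be added to the key or removed before the request reaches the origin.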