Secure desktop application - weaknesses are often overlooked

In the past few years, cloud computing has made extremely strong development steps, and gradually emerged as a first choice alternative to traditional data storage and processing measures.

Also from this development trend, traditional desktop applications have been added to the Internet interface, or even own the same version available on the cloud, how to handle it will not also different from cloud applications. Currently, the security factor for traditional desktop applications is gradually overlooked. While in fact, desktop application security should be deployed in the same way as cloud applications.

1. Twitter appears 'error' that causes user information to be approached by third-party advertising providers

Secure desktop application - weaknesses are often overlooked Picture 1 Desktop application security should be deployed in the same way as cloud applications.

Here are some of the most common desktop application weaknesses on any operating system platform:

1. Easily become the target of brute force attacks automatically after hackers have access to known password books.
2. Hackers gain access to weak, predictable, or commonly used passwords.
3. Storing passwords with simple text or weak hash functions.
4. No multi-factor authentication (MFA).
5. Disable invalid session when logging out or after timeout.

If you deploy MFA (multi-factor authentication) to your application, the attacker will not be able to complete MFA steps in a timely and automated manner, thereby helping to prevent remote infiltration attacks. brute force as well as authentication.

For passwords, use the generic password list to detect and verify weak or common passwords, combined with the use of powerful hashing algorithms for user passwords. Limit the use of weak hash functions like MD5. Also, don't store your passwords in plain text.

In addition, you should also pay attention to vague login errors, intentionally when a person enters an incorrect username or password. Otherwise, crooks can use this element to trigger attacks, thereby 'sneaking out' a valid account.

Some ways to prevent sensitive data from being stolen from an application include:

1. Ensure that web traffic is fully encrypted, sent via HTTPS with a valid SSL certificate, and updated when an insecure connection is possible.
2. The Encrypt request (letencrypt.org) provides a free SSL certificate to ensure seamless and secure web traffic.
3. Encrypted and signed browser cookies contain sensitive information.
4. Delete sensitive data when it is no longer needed.
5. Passwords use strong hashing algorithms.
6. Encrypt all confidential, high value data.

Prevent SQL Injection vulnerabilities

SQL Injection is one of the types of web hacking by injecting SQL query / command codes into input before transferring to the web application, you can login without a username and password, remote execution (remote execution), dump data and retrieve the root of SQL server. The attack tool is any web browser, such as Internet Explorer, Netscape, Lynx, .

Secure desktop application - weaknesses are often overlooked Picture 2

Even if automated database encryption technology is used, if a SQL Injection attack is successfully deployed, the data must be read and encrypted at the base level. The encoding / decoding step should be done as part of the core application logic, which helps prevent the consequences of SQL Injection attacks.

1. Overview of building enterprise security detection and response system

Access control

Secure desktop application - weaknesses are often overlooked Picture 3 Access control is an important factor in application security

If an application is equipped with the ability to differentiate users based on privileges or access permissions, this may open a gap in access control, thereby increasing the rights of the attacker. should not have. Some examples include:

1. Cannot prevent access to 'Members Only' pages (Members Only) when the user is not logged in or does not own the appropriate rights to view the page.
2. Do not authenticate URL parameters that can be modified by users (such as exchanging IDs from one user to another)
3. Believe that the value of the cookie is not changed when used to determine the user's role. By verifying both cookie encryption and signature, you can trust that the value has not changed.

Another important thing is to verify and pay attention to user rights. Don't put too much faith in the input data that users can change if they want.

When an error with security configuration is encountered, the main concerns in this case include:

1. Obsolete security patches on the server system.
2. Application framework security is not enabled, or incorrectly configured.
3. The default account, password and security key are still valid or unchanged.
4. The port is not used or turned off by default, the service is still enabled on the server system.

Ensuring that the security patches on the server system running the application have been updated with the latest version, and the proper security features of the application framework that has been activated are extremely important. In addition, you should ensure that the third-party private key (private key) is not uploaded to the source control provider, especially if the application is open source. They can be easily accessed by attackers through an automated scanning tool.

In this case, it's best to store private keys completely separate from the source code.

1. The cybersecurity tools that every business should know

Use software that contains vulnerabilities continuously for a long time

Secure desktop application - weaknesses are often overlooked Picture 4

Modern software today tends to use a lot of third-party components, so updating the application as well as the components of the application to the latest version plays a crucial role in the room. preventing attacks or known security holes. Unfortunately, the large number of application dependencies sometimes makes it difficult to identify and handle vulnerable components, whether direct or indirect.

1. Insider attacks are becoming more and more popular and difficult to detect

Monitoring and journaling

Secure desktop application - weaknesses are often overlooked Picture 5 Monitoring and logging are mandatory tasks in application security

Violation detection, attack type and user activity are the main attributes and are almost mandatory in every system protection process. If you do not have enough application logging and monitoring features, it will be difficult to determine if the system has been compromised, how it infringed, how it originated, the starting point and location of vulnerabilities in application security strategy. Very simple, if you don't know where the flaw is, you won't be able to patch it!

1. Endpoint Detection and Response threats, an emerging security technology