Security Vulnerabilities in E-commerce:
Cross-site scripting (XSS):
Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser-side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it. An attacker can use XSS to send a malicious script to an unsuspecting user.
Mitigating the XSS attack
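The flaw described above is user input reaching the generated page without encoding. The following is an added example, not part of the original answer: it renders a constructed product review once unencoded and once with output encoding. The review data and function names are assumptions made for illustration.

```python
import html

# Constructed sample input: a product review submitted by an untrusted user.
REVIEW = {
    "author": 'Eve" onmouseover="alert(1)',
    "text": "<script>alert('xss')</script> Great shoes!",
}


def render_review_unsafe(review):
    # Vulnerable pattern: user input is placed into the output as-is,
    # so the browser parses it as markup and script.
    return '<div class="review" title="{author}">{text}</div>'.format(**review)


def render_review_safe(review):
    # html.escape encodes & < > and, with quote=True, " and ' as well,
    # so a value can neither open a new tag nor close the attribute it sits in.
    author = html.escape(review["author"], quote=True)
    text = html.escape(review["text"], quote=True)
    return '<div class="review" title="{}">{}</div>'.format(author, text)


if __name__ == "__main__":
    print(render_review_unsafe(REVIEW))
    print(render_review_safe(REVIEW))
```

Encoding must match the place the value lands in: this covers HTML body text and quoted attributes, not values written into script blocks or URLs.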
SQL injection
SQL injection (SQLi) is a type of cybersecurity attack that targets databases, using specifically crafted SQL statements to trick the systems into doing unexpected and undesired things.
Mitigation of this attack
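A parameterized query keeps user input out of the SQL text, so a crafted value is compared as data rather than executed as part of the statement. The following is an added example, not part of the original answer: the in-memory `customers` table, its rows and the function names are constructed for illustration.

```python
import sqlite3

# Constructed sample input: a crafted value typed into an e-mail lookup field.
CRAFTED = "nobody@example.com' OR '1'='1"


def make_db():
    # Constructed in-memory store standing in for a shop's customer table.
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE customers (id INTEGER PRIMARY KEY, email TEXT, card_last4 TEXT)"
    )
    db.executemany(
        "INSERT INTO customers (email, card_last4) VALUES (?, ?)",
        [("alice@example.com", "4242"), ("bob@example.com", "1881")],
    )
    return db


def lookup_unsafe(db, email):
    # Vulnerable pattern: the input is concatenated into the statement,
    # so its quote characters change the structure of the WHERE clause.
    query = "SELECT email, card_last4 FROM customers WHERE email = '" + email + "'"
    return db.execute(query).fetchall()


def lookup_safe(db, email):
    # The ? placeholder binds the input as a single value; the statement
    # text is fixed no matter what the user supplies.
    query = "SELECT email, card_last4 FROM customers WHERE email = ?"
    return db.execute(query, (email,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    print("unsafe:", lookup_unsafe(db, CRAFTED))  # every row is returned
    print("safe:  ", lookup_safe(db, CRAFTED))    # no row matches
```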
Phishing attacks
Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message.
Avoiding, preventing, or mitigating:
DDoS attack
A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. Such attacks target a wide variety of important resources, from banks to news websites, and present a major challenge to making sure people can publish and access important information.
Mitigation of DDoS attack
The term ‘DDoS mitigation’ refers to the process of successfully protecting a target from a distributed denial of service (DDoS) attack.
A typical mitigation process can be broadly defined by these four stages
Man in the middle attack
A man-in-the-middle (MITM) attack is an attack where the attacker secretly relays and possibly alters the communications between two parties who believe they are directly communicating with each other. One example of a MITM attack is active eavesdropping, in which the attacker makes independent connections with the victims and relays messages between them to make them believe they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker.
Mitigation
Password attacks
Mitigation
Cross-site request forgery (CSRF)
Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated. CSRF attacks specifically target state-changing requests, not theft of data, since the attacker has no way to see the response to the forged request. With a little help from social engineering (such as sending a link via email or chat), an attacker may trick the users of a web application into executing actions of the attacker's choosing. If the victim is a normal user, a successful CSRF attack can force the user to perform state-changing requests like transferring funds, changing their email address, and so forth. If the victim is an administrative account, CSRF can compromise the entire web application.
Mitigation
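Because the attacker cannot read responses, a secret token that the server places in its own pages and requires on every state-changing request cannot be supplied by a forged request. The following is an added example, not part of the original answer: the session identifiers, the server key handling and the function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Assumption: one secret per deployment, kept server-side only.
SERVER_KEY = secrets.token_bytes(32)

SAFE_METHODS = ("GET", "HEAD", "OPTIONS")


def issue_token(session_id):
    # The token is an HMAC of the session identifier, so it is valid only
    # for that session and cannot be computed without SERVER_KEY.
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def handle_request(method, session_id, submitted_token):
    """Return an HTTP status code for a request made within a session."""
    if method in SAFE_METHODS:
        # Read-only requests change no state and need no token.
        return 200
    expected = issue_token(session_id)
    # compare_digest runs in constant time, avoiding a timing side channel.
    if submitted_token is None or not hmac.compare_digest(expected, submitted_token):
        return 403
    return 200


if __name__ == "__main__":
    sid = "sess-abc"  # constructed session identifier
    print(handle_request("POST", sid, issue_token(sid)))  # form from the site itself
    print(handle_request("POST", sid, None))              # forged request, no token
```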
LIST AND EXPLAIN SECURITY VULNERABILITIES IN E-COMMERCE AND THE SOLUTIONS TO MITIGATE SUCH VULNERABILITIES