BestHub
Sign in
Tag

Mitigation

1 views collected around this technical thread.

Java Tech Enthusiast
Java Tech Enthusiast
May 9, 2025 · Information Security

Understanding and Preventing HTTP Redirect Attacks in Java Applications

After a login module unintentionally redirected users to a gambling site, the author explains how maliciously crafted redirect parameters enable HTTP redirect attacks, demonstrates vulnerable Java code, and outlines three defensive layers—whitelisting, signature verification, and path sanitization—plus five best‑practice tips to prevent such exploits.

HTTP redirectMitigationSecurity
0 likes · 7 min read
Understanding and Preventing HTTP Redirect Attacks in Java Applications
php中文网 Courses
php中文网 Courses
Aug 6, 2023 · Information Security

Common Web Attack Types and Their Mitigation Strategies

This article outlines the most common web attacks—including DDoS, XSS, SQL injection, and CSRF—explains how they compromise website security, and provides practical mitigation techniques such as traffic filtering, input validation, parameterized queries, CSRF tokens, and secure configuration to protect sites and user data.

CSRFDDoSMitigation
0 likes · 10 min read
Common Web Attack Types and Their Mitigation Strategies
Java Architecture Diary
Java Architecture Diary
Mar 22, 2023 · Information Security

Understanding Spring Framework DoS Vulnerability CVE-2023-20861 and How to Fix It

This article explains the Spring Framework DoS vulnerability (CVE‑2023‑20861), outlines affected versions, details the root cause in SpEL expression handling, and provides step‑by‑step mitigation and upgrade instructions for both Spring Framework and Spring Boot, along with references and security considerations.

CVE-2023-20861DoSMitigation
0 likes · 7 min read
Understanding Spring Framework DoS Vulnerability CVE-2023-20861 and How to Fix It
Architecture Digest
Architecture Digest
Dec 21, 2021 · Information Security

Apache Log4j2 Remote Code Execution Vulnerability Exploitation Guide

This article introduces Apache Log4j2, explains the remote code execution vulnerability caused by unsafe JNDI lookups, provides step‑by‑step environment setup, PoC code, exploitation instructions, and outlines official patches and temporary mitigation measures for developers and security engineers.

MitigationRemote Code ExecutionSecurity Vulnerability
0 likes · 5 min read
Apache Log4j2 Remote Code Execution Vulnerability Exploitation Guide
Laravel Tech Community
Laravel Tech Community
Dec 13, 2021 · Information Security

Apache Log4j2 Remote Code Execution Vulnerability: Description, Impact, and Mitigation Steps

On December 10, a critical remote code execution vulnerability in Apache Log4j 2.x (≤ 2.14.1) was disclosed, allowing attackers to execute arbitrary code via JNDI injection; the article explains the flaw, affected components, detection methods, and urgent remediation measures such as disabling lookups and upgrading to safe versions.

JNDI injectionMitigationRemote Code Execution
0 likes · 5 min read
Apache Log4j2 Remote Code Execution Vulnerability: Description, Impact, and Mitigation Steps
Java Architect Essentials
Java Architect Essentials
Dec 10, 2021 · Information Security

Mitigating the Critical Apache Log4j2 Vulnerability (CVE‑2021‑44228)

The article explains the severe Log4j2 remote‑code‑execution vulnerability affecting versions 2.0 to 2.14.1, provides the official patch link, and lists practical temporary mitigation steps such as JVM flags, configuration changes, environment variables, and network isolation to protect Java applications.

CVE-2021-44228Mitigationjava
0 likes · 3 min read
Mitigating the Critical Apache Log4j2 Vulnerability (CVE‑2021‑44228)
Top Architect
Top Architect
Dec 10, 2021 · Information Security

Log4j 2 Vulnerability Overview and Mitigation Measures

The article explains the Log4j 2 remote code execution vulnerability affecting versions up to 2.14.1, describes its impact, lists affected components, and provides both permanent upgrade instructions and urgent mitigation steps such as JVM flags, configuration changes, and environment variable settings.

MitigationRemote Code Executionjava
0 likes · 3 min read
Log4j 2 Vulnerability Overview and Mitigation Measures
Laravel Tech Community
Laravel Tech Community
Oct 10, 2021 · Information Security

Common PHP Security Vulnerabilities and Mitigation Strategies

This article outlines ten common PHP security threats—including SQL injection, XSS, CSRF, LFI, weak password hashing, MITM, command injection, XXE, improper error reporting, and login rate limiting—explaining how each attack works and providing practical mitigation techniques such as prepared statements, input sanitization, CSRF tokens, and HTTPS.

MitigationSecuritybackend
0 likes · 15 min read
Common PHP Security Vulnerabilities and Mitigation Strategies
Tencent Cloud Developer
Tencent Cloud Developer
Oct 12, 2020 · Information Security

Understanding DDoS Attacks: Principles, Case Studies, and Protection Solutions

The article explains DDoS attack fundamentals, illustrates escalating real‑world incidents and their mitigation, and compares Tencent Cloud’s free, high‑defense package, and high‑defense IP solutions, guiding readers on selecting appropriate protection based on attack history, bandwidth needs, and budget constraints.

Case StudyDDoSDistributed Denial of Service
0 likes · 9 min read
Understanding DDoS Attacks: Principles, Case Studies, and Protection Solutions
Architects Research Society
Architects Research Society
Jul 8, 2020 · Information Security

Top 25 Software Errors (CWE) and Resources for Mitigation

The article presents the CWE Top 25 software errors, detailing each weakness with its ID and description, and provides links to MITRE entries, remediation guidance, and various SANS training resources aimed at helping developers mitigate these common vulnerabilities.

CWEMitigationSANS
0 likes · 17 min read
Top 25 Software Errors (CWE) and Resources for Mitigation
Tencent Cloud Developer
Tencent Cloud Developer
Jul 4, 2018 · Information Security

2018 H1 Gaming Industry DDoS Attack Landscape and Mitigation Recommendations

In the first half of 2018, the gaming industry faced a dramatic rise in DDoS attacks—accounting for nearly 40% of incidents and reaching a 1.23 Tbps peak on Tencent Cloud—driven largely by UDP‑based and MEMCACHED reflection floods, prompting comprehensive mitigation strategies such as BGP high‑defense, traffic filtering, and industry‑specific protections.

Attack TrendsDDoSMitigation
0 likes · 15 min read
2018 H1 Gaming Industry DDoS Attack Landscape and Mitigation Recommendations
360 Quality & Efficiency
360 Quality & Efficiency
Jan 22, 2018 · Information Security

High‑Risk Android WebView Cross‑Origin Access Vulnerability – Description, Impact, Detection, and Mitigation

A security bulletin released on January 9 2018 details a critical Android WebView cross‑origin vulnerability that can expose user privacy data and credentials, outlines its widespread impact on many apps, and provides detection tools and concrete remediation steps for developers.

AndroidCross-OriginInformation Security
0 likes · 4 min read
High‑Risk Android WebView Cross‑Origin Access Vulnerability – Description, Impact, Detection, and Mitigation
Ctrip Technology
Ctrip Technology
Nov 1, 2016 · Information Security

Understanding Serialization, Deserialization Vulnerabilities and Mitigation in Java

The article explains Java serialization and deserialization concepts, provides sample code for serializing a string to a file and restoring it, describes how insecure deserialization leads to remote code execution vulnerabilities illustrated by ActiveMQ, JBoss and Jenkins cases, and outlines mitigation techniques such as class whitelisting, encryption, and using transient fields.

MitigationSecuritySerialization
0 likes · 7 min read
Understanding Serialization, Deserialization Vulnerabilities and Mitigation in Java
Architect
Architect
Jul 3, 2015 · Information Security

Evolution of DDoS Attacks and Mitigation Strategies

The article outlines the evolution of DDoS attacks from early botnet‑based floods to reflection attacks leveraging open servers and finally IoT‑device protocols like SSDP, explains their amplification mechanisms, presents statistical trends, and discusses comprehensive mitigation techniques including source verification, traffic shaping, ISP cooperation, CDN protection, and big‑data analytics.

DDoSIoTMitigation
0 likes · 11 min read
Evolution of DDoS Attacks and Mitigation Strategies