What is insecure deserialization?
Feb. 8, 2022, 5:39 p.m. | Vickie Li
Security Boulevard securityboulevard.com
Getting to know a critical vulnerability that affects Java, Python, and other common programming languages.
As a penetration tester, there are few vulnerabilities that fascinate me more than insecure deserialization.
Insecure deserialization bugs are critical vulnerabilities: they often result in remote code execution, granting attackers a wide range of capabilities on the application.
Defending against deserialization vulnerabilities is also extremely difficult. How an application can defend against these vulnerabilities …