Dark Reading

Popular WAFs Subverted by JSON Bypass

Web application firewalls (WAFs) from five major vendors are vulnerable to malicious requests that use the popular JavaScript Object Notation (JSON) to obfuscate database commands and escape detection ...
CSOonline

JSON-based SQL injection attacks trigger need to update web application firewalls

Security researchers have developed a generic technique for SQL injection that bypasses multiple web application firewalls (WAFs). At the core of the issue was WAF vendors failing to add support for ...
InfoQ

Accessing .NET gRPC Endpoints from Anywhere via JSON Transcoding

However, while JSON transcoding does it simply by adding a relatively lightweight library to the server application, gRPC-Gateway does it by running the requests via a reverse proxy. As well as being ...
InfoWorld

JavaOne 2012: JSR 353: Java API for JSON Processing

I went to Parc 55 Mission to see Jitendra Kotamraju‘s (Oracle) presentation “JSR 353: Java API for JSON Processing.” Kotamraju is the JSR 353 specification lead, so it’s safe to assume he knows ...
Dark Reading

JSON Config File Leaks Azure ActiveDirectory Credentials

A publicly accessible configuration file for ASP.NET Core applications has been leaking credentials for Azure ActiveDirectory (AD), potentially allowing cyberattackers to authenticate directly via ...