Trustwave's 2024 Financial Services Threat Reports Highlight Alarming Trends in Insider Threats & Phishing-as-a-Service. Learn More
Get access to immediate incident response assistance.
Get access to immediate incident response assistance.
Trustwave's 2024 Financial Services Threat Reports Highlight Alarming Trends in Insider Threats & Phishing-as-a-Service. Learn More
I've just committed the Unicode validation feature to the CVS. It is a very good thing to have if the application or the operating system support and/or understand Unicode. Most importantly, this feature will protect from attacks where an ASCII character is encoded with more than one byte thus avoiding detection. In addition to this, ModSecurity checks that there is sufficient number of bytes available, and that all bits in all bytes have correct values. For a detailed description of the Unicode attack have a look at the OWASP guide.
Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.
Copyright © 2024 Trustwave Holdings, Inc. All rights reserved.