CSRF


Also found in: Dictionary, Acronyms, Wikipedia.

CSRF

(Cross-Site Request Forgery) An online forgery that requires knowledge of which Internet-based institutions a person deals with. It is used to steal money or obtain valuable data such as credit card numbers. Also called an "XSRF," "sea surf" and "confused deputy attack," the CSRF is embedded in a fake link or bogus script on a Web page. In either case, the browser executes a malicious transaction such as a wire transfer to the cybercrook's bank.

The CSRF exploit only works if the user is already logged onto the institution's Web site that is being targeted or has recently logged on, in which case a stored cookie used for authentication may still be active. See XSS.
Mentioned in ?
References in periodicals archive ?
In this special issue of the CJHS, readers will be exposed to some of the best contemporary sex research presented at CSRF.
Don't forget to go to the Karsha monastery, which is the biggest monastery in Ladakh", Zsombor Nagy, one of the volunteers of CsRF, echoing volunteers who are excited to be natives in a foreign land.
She added that anyone wanting to cancel deliveries of the magazine or CSRF beneficiaries who wish to receive it can email info@csrf.
Xiaoli et al (2009) presented the result of the review of more than 200 CSRF attacks.
Perhaps the most prominent aspect of the collegial relationship between CSRF and SIECCAN has been the dissemination of research presented at CSRF meetings in SIECCAN publications beginning with the SIECCAN Newsletter and then the SIECCAN Journal.
These beamlines span the entire useful energy range of SL - the far IR (#1, Table 1), the IR (#2, 3), the soft X-ray region (beamlines #4, 5 from CSRF in Madison) and the hard X-ray region (beamlines #6, 7).
CSRF is a national facility, owned and managed by the National Research Council (NRC), (N.
It includes features such as SSL offloading for HTTPS traffic, Positive protection model without Signature Tables, URL whitelisting and comprehensive business logic protection against OWASP Top 10 web attacks like SQL injection, XSS, CSRF, and cookie-poisoning.
Creating secure development strategies that consistently mitigate the risk associated with CSRF vulnerabilities is even more difficult.
F5's ASM is a great WAF and we are excited to see that protection from CSRF attacks is now so easy to configure with just a few clicks of the mouse.
CSRF protected sites: Performs XSRF token detection to enable collection and use of valid tokens during each attack.
The dramatic rise in attacks against social networking sites this year can primarily be attributed to attacks on popular new technologies like Twitter, where cross-site scripting and CSRF worms were unleashed," said Ryan Barnett, director of application security research for Breach Security.