Please create an account to participate in the Slashdot moderation system


Forgot your password?

Submission + - The Hidden Threat of Business Logic Attacks (

wiredmikey writes: We've been bombarded with headlines of cyber attacks, breaches and hacks all year. One type of attack that often flies under the radar are business logic attacks, sometimes called logic abuse attacks.

Business logic attacks abuse the functionality of a program—as opposed to an application vulnerability. They’re stealthy because they don’t come as malformed requests and they contain legitimate values. Often, we cannot even call them illegal. Mainly performed by business logic bots (BLBs), these types of attacks can perform a variety of attacks including Queue Jumping, Auction Sniping, Poll Skewing, Click Fraud, Poker Bots, and more.

An interesting column highlighting some of the attacks that often go unnoticed and escape the headlines, but are happening every day...

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

The Hidden Threat of Business Logic Attacks

Comments Filter:

This process can check if this value is zero, and if it is, it does something child-like. -- Forbes Burkowski, CS 454, University of Washington