SQL injection
Retail and hospitality sector fixing software flaws at a faster rate than others
The retail and hospitality sector is fixing software flaws at a faster rate than five other sectors, a Veracode analysis of more than 130,000 applications reveals. The ability …
SQL injection: The bug that seemingly can’t be squashed
If you’re in a hands-on cybersecurity role that requires some familiarity with code, chances are good that you’ve had to think about SQL injection over and over (and over) …
63 billion credential stuffing attacks hit retail, hospitality, travel industries
Akamai published a report detailing criminal activity targeting the retail, travel, and hospitality industries with attacks of all types and sizes between July 2018 and June …
Surging CMS attacks keep SQL injections on the radar during the next normal
Every year, millions of websites across the world fall victim to malware attacks that are designed to gain access to the site’s backend without the administrator’s knowledge …
Evasive malware increasing, evading signature-based antivirus solutions
Evasive malware has grown to record high levels, with over two-thirds of malware detected by WatchGuard in Q4 2019 evading signature-based antivirus solutions. This is a …
WordPress and Apache Struts weaponized vulnerabilities on the rise
Vulnerabilities in leading web and application frameworks, if exploited, can have devastating effects like the Equifax breach which affected 147 million people, according to …
Most credential abuse attacks against the financial sector targeted APIs
From May 2019 and continuing on until the end of the year, there was a dramatic shift by criminals who started targeting APIs, in an effort to bypass security controls. …
Cyber risk increases at all layers of the corporate network
Organizations will face a growing risk from their cloud and the supply chain, according to Trend Micro. Cyber risk increases at all levels The growing popularity of cloud and …
Researchers uncover 125 vulnerabilities across 13 routers and NAS devices
In a cybersecurity study of network attached storage (NAS) systems and routers, Independent Security Evaluators (ISE) found 125 vulnerabilities in 13 IoT devices, reaffirming …
The gaming community is a rising target for credential stuffing attacks
Hackers have targeted the gaming industry by carrying out 12 billion credential stuffing attacks against gaming websites within the 17-month period analyzed in the report …
Data from 316 million real-world attacks in AWS and Azure environments
In evaluating 316 million incidents, tCell found it clear that attacks against the application are growing in volume and sophistication, and as such, continue to be a major …
Same web-based vulnerabilities still prevalent after nine years
Analysis of vulnerabilities discovered by NCC Group researchers over the last nine years found that instances of common web-based vulnerabilities have largely refused to fall …
Featured news
Sponsored
Don't miss
- Patch actively exploited Microsoft SharePoint bug, CISA orders federal agencies (CVE-2023-24955)
- Debunking compliance myths in the digital era
- How CISOs tackle business payment fraud
- AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022)
- Attackers leverage weaponized iMessages, new phishing-as-a-service platform