Why XSS is still an XXL issue in 2021
Cross-site scripting (XSS) attacks take advantage of coding flaws in the way websites or web applications generate input from users. Despite their longstanding reputation as a …
web application
3.4 billion credential stuffing attacks hit financial services organizations
Akamai published a report that provides an analysis of both global and financial services-specific web application and credential stuffing attack traffic, revealing …
Security doesn’t always require immediacy
New security threats emerge almost continuously, meaning we now deal with a known unknown. In the past year alone, malware and ransomware use has sharply increased, 43% of …
DevOps didn’t kill WAF, because WAF will never truly die
The web application firewall (WAF) is dead, they say, and DevOps is the culprit, found over the body in the server room with a blade in its hand and splattered code on its …
Even though critical, web application security is getting less attention
As organizations shifted focus to support remote work and business continuity amid the challenges of 2020, web application security suffered, according to an Invicti Security …
Using memory encryption in web applications to help reduce the risk of Spectre attacks
There’s nothing quite like an actual proof-of-concept to make everyone listen. I was pleased by the PoC released by Google security engineers Stephen Röttger and Artur Janc …
One in four people use work passwords for consumer websites
Employees working from home on a company-provided computer are demonstrating a clear lack of cybersecurity knowledge through high-risk behavior, according to a report released …
Most security pros think a WAF is high maintenance
An organization’s web application firewall (WAF) is a critical line of defense in protecting proprietary and customer data, but the concern is that some organizations are …
Extortion demands grow as cybercriminals target new online industries
There was a 154 percent increase in the number of attacks between 2019 and 2020, with growth in ransom-related DDoS (RDDoS) attacks and a rise in use of existing attack …
Attacks are rising in all vectors and types
DDoS, web application, bot, and other attacks have surged exponentially compared to the first half of 2019, according to CDNetworks. In particular, attacks on web applications …
Theory and practice of web application security efforts in organizations worldwide
75% of executives believe their organization scans all web applications for security vulnerabilities, while nearly 50% of security staff say they don’t, a Netsparker …
40% of security pros say half of cyberattacks bypass their WAF
There are growing concerns around the number of businesses vulnerable to cyberattacks due to hackers’ ability to bypass their Web Application Firewall (WAF), Neustar reveals. …