web application security
 
Radware launches hybrid cloud based WAF service
Cyber attacks remain a persistent threat and have become sophisticated in size and scope. DoS, SQL injections and cross-site scripting are the most common web attack vectors, …
Main sources of data breaches: Phishing, RAM scrapers, web app insecurity
US telecom giant Verizon has published its 2015 Data Breach Investigations Report, which is based on an analysis of nearly 80,000 security incidents, including more than 2,100 …
False positive free online web application security scanner from Netsparker
Netsparker launched their new enterprise online service offering Netsparker Cloud, which enables organizations to simultaneously scan hundreds and thousands of websites for …
Over a million WP sites at risk of hijacking due to plugin bug
Users who run their websites on the popular WordPress CMS and are also using the WP-Slimstat web analytics plugin should update as soon as possible, warns Sucuri vulnerability …
New DDoS attack and tools use Google Maps plugin as proxy
Attackers are using Joomla servers with a vulnerable Google Maps plugin installed as a platform for launching DDoS attacks. A known vulnerability in a Google Maps plugin for …
Google’s new Cloud Security Scanner detects common security bugs
Here’s some good news for Google App Engine developers: Google has released a new application security scanner that’s especially fitting to test new app builds for …
SQL injection vulnerabilities surge to highest levels in three years
UPDATE: Tuesday, 20 January 2015, 1:10 PT – Jericho from Attrition.org has written an insightful post that essentially debunks the data released by DB Networks. …
Hackers use Pastebin to deliver backdoor code
Cyber attackers taking advantage of legitimate online services is not a new thing, and “online clipboard” Pastebin.com is often used to anonymously leak stolen …
Top 3 reasons businesses should prioritize web security
2014 was a year of high-profile hacks for businesses around the world. From The Home Depot breach to the recent Sony data leak, it seemed like as soon as one data breach was …
Rails security scanner Brakeman 3.0.0 released
Brakeman is an open source vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at …
Four cyber security risks not to be taken for granted
It’s pretty difficult to make information security predictions, and even more difficult to verify them afterwards: we can only judge the effectiveness of information …
Info of millions of AliExpress customers could have been harvested due to site flaw
A programming flaw in the code of popular online marketplace AliExpress, which connects small Chinese businesses with international buyers and has over 7.7 million registered …