web application security
Four cyber security risks not to be taken for granted
It’s pretty difficult to make information security predictions, and even more difficult to verify them afterwards: we can only judge the effectiveness of information …
Info of millions of AliExpress customers could have been harvested due to site flaw
A programming flaw in the code of popular online marketplace AliExpress, which connects small Chinese businesses with international buyers and has over 7.7 million registered …
Google open sources Firing Range, a test tool for web app security scanners
Google has open sourced another security tool: it’s called Firing Range, and it’s an effective testing ground for a variety of automated web application security …
Assume your Drupal 7 site has been compromised
Administrators of sites that run Drupal 7, and have not yet updated to version 7.32 or have done so later than 7 hours after the public revelation of the highly critical SQL …
Easily exploitable Drupal bug can lead to total site compromise
Admins of sites that run Drupal 7 are advised to update to the latest version of the platform – version 7.32 – because it fixes a critical SQL injection …
Personal info of 850k Oregon jobseekers potentially compromised
851,322 individuals who used Oregon Employment Department’s WorkSource Oregon Management Information System (WOMIS) will soon be receiving notices that they information …
Joomla update fixes high risk bug that could lead to site compromise
The developer team behind the popular open-source content management system Joomla is urging users to update the software to the latest version – v3.3.6 (or v3.2.7 for …
XSS bug allows Amazon account hijacking
A recurring XSS bug in Amazon’s Kindle Library, i.e. the “Manage your Kindle” web application, can be exploited by attackers looking to hijack users’ …
Coursera privacy issues exposed
When well-known lawyer and Stanford law lecturer Jonathan Mayer was invited to teach a course on government surveillance on Coursera, the popular online website offering free …
How important is website security?
In this interview, Nicholas Sciberras, Product Manager at Acunetix, illustrates why website security should be a priority in any organization. He talks about the challenges …
Disqus WordPress plugin vulnerabilities
During a penetration testing for a client, Australian based independent security consultant Nik Cubrilovic, discovered a couple of security issues within the very popular …
UK application security programs lagging behind US
UK enterprises are lagging behind US enterprises when it comes to application security programs. A new IDG study revealed that on average UK companies are spending …