
web application security

Highlights from 450 global data breach investigations

Trustwave released details from a report that highlights details and trends from 450 global data breach investigations, 2,500 penetration tests, nine million Web application …

The dangers of third-party code for cloud security

Imperva announced a new report which examines the dangers of third-party code in cloud computing. In December 2012, a hacker breached Yahoo! with an SQL injection attack that …

WordPress 3.5.1 fixes 37 bugs

WordPress 3.5.1, now available for download, is a maintenance and security release for all previous versions that fixes 37 bugs. WordPress 3.5.1 also addresses the following …

Jobs offered to student kicked out of college for discovering security flaw

Ahmed Al-Khabaz, the student who has been expelled from Dawson College because of an unauthorized intrusion in the college’s systems to check whether a flaw he recently …

Video: History of the JavaScript security arsenal

In 2006 we had the first JavaScript port scanner. The same year we saw the incarnation of more advanced tools such as AttackAPI, Carnaval and Backframe. A year later we saw …

New nCircle security appliance cuts vulnerability scan time

nCircle announced the Device Profiler 4000 (DP 4000), a high performance vulnerability scanning appliance designed to support vulnerability scanning requirements including web …

Student checks software for critical bug, gets expelled from college

When 20-year-old Ahmed Al-Khabaz, a computer science student at Montreal’s Dawson College, discovered a critical flaw in his college’s student web portal, he …

How the security threat landscape will evolve this year

Where 2012 was a period of great innovation amongst cybercriminals and hackers – many of whom keenly develop new and hybridized attack vectors that build on a constantly …

Hacking Web Apps

Web security impacts applications, servers and browsers. Successful attacks against Web applications and sites mean bad news for their owners, developers and users. This book …

eBay patches two critical security flaws on US website

Two critical vulnerabilities in eBay’s US website (ebay.com) have been closed by the company, preventing attackers from accessing and modifying one of its databases as …

Enterprises lack programs to secure third-party software

Veracode data indicates that despite increasing security risks from third-party and externally developed software, few enterprises currently have formal testing programs in …

Coverity Security Library released on GitHub

Coverity announced the creation of the Coverity Security Library, an open source project available through GitHub and Maven to help developers easily fix cross-site scripting …
