web application security
Google sent out notifications to owners of hacked sites
Matt Cutts, the head of Google’s Web spam team, has announced on his Twitter account that the company has notified 20,000 Web site owners that their sites may have been …
SQL injection main database security concern among SMBs
GreenSQL surveyed more than six thousand GreenSQL SMB users – IT administrators, DBAs, data security professionals and consultants – about their most critical …
New Ice malware attacking Facebook users
Trusteer researchers have discovered a new configuration of the Ice IX malware that attacks Facebook users after they have logged in to their account and steals credit card …
Deconstructing local and remote file inclusion attack vectors
Imperva released its latest Hacker Intelligence Initiative report exploring how Local and Remote File Inclusion (RFI/LFI) attacks enable hackers to execute malicious code and …
The sorry state of web-based single sign-on services
Web-based single sign-on services are becoming increasingly popular, as they offer a better and simpler user experience. But are they secure? The question was asked by team of …
Surge in mobile exploits and shell command injection attacks
IBM released the results of its X-Force 2011 Trend and Risk Report which shows surprising improvements in several areas of Internet security such as a reduction in application …
Risk across the phases of application security
A new Ponemon Institute study surveyed more than 800 IT Security and Development professionals from enterprise organizations to understand the perceptions both groups have …
Researchers compromise e-voting system
A group of researchers from the University of Michigan has recently attacked and managed to compromise the Washington, DC Digital Vote by Mail Internet voting system, proving …
Programmer hacks GitHub to prove a point
Russian programmer Egor Homakov has recently chosen a questionable tactic to prove the danger that a Ruby on Rails public key form update vulnerability poses to systems based …
Cloud web application firewall by Qualys
Qualys unveiled its new QualysGuard WAF service for securing web applications. The new service, delivered as part of the QualysGuard cloud platform and suite of integrated …
Acunetix Web Vulnerability Scanner 8 released
Acunetix Web Vulnerability Scanner 8 (WVS) echoes years of counter-hacking experience through its new ability to lock hackers out by integrating scan results into …
Web app security scanner Netsparker 2.1 released
Netsparker can crawl, attack and identify vulnerabilities in all custom web applications regardless of the platform and the technology it’s built on, just like an actual …