web application security
Top 10 business logic attack vectors
Application business logic flaws are unique to each custom application, potentially very damaging, and difficult to test. Attackers exploit business logic by using deductive …
Majority of web apps vulnerable to most frequent exploits
84 percent of web applications from public companies were deemed unacceptable when measured against the OWASP Top 10 most frequently exploited web application vulnerabilities, …
How to spot automated Web application attacks
Imperva released its April Hacker Intelligence Report Automation of Attacks, which analyzes how and why attacks on Web applications are automated. As much as 98 percent of …
Web application attack report from FireHost
Secure cloud hosting company, FireHost, has revealed details about type and origin of web attacks that it has blocked from causing harm to clients’ web applications and …
Google sent out notifications to owners of hacked sites
Matt Cutts, the head of Google’s Web spam team, has announced on his Twitter account that the company has notified 20,000 Web site owners that their sites may have been …
SQL injection main database security concern among SMBs
GreenSQL surveyed more than six thousand GreenSQL SMB users – IT administrators, DBAs, data security professionals and consultants – about their most critical …
New Ice malware attacking Facebook users
Trusteer researchers have discovered a new configuration of the Ice IX malware that attacks Facebook users after they have logged in to their account and steals credit card …
Deconstructing local and remote file inclusion attack vectors
Imperva released its latest Hacker Intelligence Initiative report exploring how Local and Remote File Inclusion (RFI/LFI) attacks enable hackers to execute malicious code and …
The sorry state of web-based single sign-on services
Web-based single sign-on services are becoming increasingly popular, as they offer a better and simpler user experience. But are they secure? The question was asked by team of …
Surge in mobile exploits and shell command injection attacks
IBM released the results of its X-Force 2011 Trend and Risk Report which shows surprising improvements in several areas of Internet security such as a reduction in application …
Risk across the phases of application security
A new Ponemon Institute study surveyed more than 800 IT Security and Development professionals from enterprise organizations to understand the perceptions both groups have …
Researchers compromise e-voting system
A group of researchers from the University of Michigan has recently attacked and managed to compromise the Washington, DC Digital Vote by Mail Internet voting system, proving …
Featured news
Resources
Don't miss
- Dutch police disrupts botnet composed of 17 million devices
- New infostealer reaches enterprise devices through FortiClient EMS vulnerability
- LinkedIn-themed phishing abuses Adobe’s A/B testing platform
- The behavioral signals that sharpen Trojan malware detection
- Zapier exploit chain shows how known anti-patterns compose into critical risk