web application security

LinkedIn users are in danger of having their their account hijacked when accessing it over insecure Wi-Fi networks or public computers, says independent security researcher …

A weakness and a vulnerability have been reported in phpMyAdmin, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to …

Web Application Configuration Analyzer (WACA) is a tool that scans a server against a set of best practices recommended for pre-production and production servers. The list of …

A group of attackers who clearly have it in for Fox Broadcasting have managed to access a company server with hundreds of their employees’ email usernames and passwords. …

Multiple vulnerabilities have been discovered in Exponent CMS, which can be exploited by malicious people to conduct cross-site request forgery attacks and disclose sensitive …

Voltage Security announced a new encryption breakthrough for protecting personal data entered by consumers on web pages called PIE for Page-Integrated Encryption. The company …

Rafal Los, Application Security Evangelist at HP Software, talks about application security vulnerabilities at the logic level. The inner-workings of an application can only …

The recent compromise of a Comodo affiliate Registration Authority which resulted in the issue of nine rogue SSL certificates for seven popular domains has jolted the security …

HP identified a significant increase in the volume of organized cybercrime targeting data centers and networks, which can lead to financial and data loss. While there were …

A new Cenzic report reveals widespread Web application vulnerabilities, with 2,155 discovered – a third of which have both no known solution and an exploit code publicly …

A massive SQL injection attack campaign has been spotted by Websense researchers, and the number of unique URLs affected by it has risen from 28,000 when first detected …

Discovering that your site is chock full of security vulnerabilities must be embarrassing for any company, but is surely doubly so when you are a company offering to secure …