web application security
Web application scanning on a new level
Qualys announced the release of QualysGuard WAS 2.0 with several major enhancements to help customers catalog their web applications on a global scale and scan them for …
IronBee: Creating an open source web application firewall
Qualys announced IronBee, a new open source project to provide the next-generation of web application firewall (WAF) technology. Led by the team who designed and built …
400,000 e-mail addresses stolen in Irish job website breach
Names and e-mail addresses of some 400,000 job seekers have been harvested by hackers who have breached the RecruitIreland.com site and its systems. The site has been taken …
Injection attacks tutorial
This episode of the OWASP appsec tutorial series describes the #1 attack on the OWASP top 10 – injection attacks. The video illustrates SQL injection, discusses other …
73% of organizations hacked in the last 2 years
Website attacks are the biggest concern for companies, yet 88 percent spend more on coffee than securing Web applications, according to a survey by Barracuda Networks, Cenzic …
Free guide: Web application security
Vulnerabilities in web applications are now the largest vector of enterprise security attacks. Stories about exploits that compromise sensitive data frequently mention …
Free XSS flaws detection service
Cross-site scripting (XSS) errors are responsible for more than half of all web application vulnerabilities1. So, in this age of accountability and expectations for secure, …
API bug responsible for Zuckerberg page hack
When at first Facebook didn’t issue a statement about what really happened on Mark Zuckerberg’s fan page and how someone managed to post a message in his name …
Riskiest social media applications
The fastest growing threat to corporate networks is web-based social media applications, according to WatchGuard security researchers. These applications can seriously …
Lush hack due to numerous security vulnerabilities
The Web site of Lush, the natural ingredients cosmetic firm, has reportedly been cracked and subverted by attackers, with reports that customers’ bank details have …
Major government websites hacked with access for sale
Researchers from Imperva’s Hacker Intelligence Initiative (HII) have found dozens of .mil, .gov and .edu web sites which have been hacked with access up for sale due to …
New book: Web Application Obfuscation
Web applications are used every day by millions of users, which is why they are one of the most popular vectors for attackers. Obfuscation of code has allowed hackers to take …