web application security
Injection attacks tutorial
This episode of the OWASP appsec tutorial series describes the #1 attack on the OWASP top 10 – injection attacks. The video illustrates SQL injection, discusses other …
73% of organizations hacked in the last 2 years
Website attacks are the biggest concern for companies, yet 88 percent spend more on coffee than securing Web applications, according to a survey by Barracuda Networks, Cenzic …
Free guide: Web application security
Vulnerabilities in web applications are now the largest vector of enterprise security attacks. Stories about exploits that compromise sensitive data frequently mention …
Free XSS flaws detection service
Cross-site scripting (XSS) errors are responsible for more than half of all web application vulnerabilities1. So, in this age of accountability and expectations for secure, …
API bug responsible for Zuckerberg page hack
When at first Facebook didn’t issue a statement about what really happened on Mark Zuckerberg’s fan page and how someone managed to post a message in his name …
Riskiest social media applications
The fastest growing threat to corporate networks is web-based social media applications, according to WatchGuard security researchers. These applications can seriously …
Lush hack due to numerous security vulnerabilities
The Web site of Lush, the natural ingredients cosmetic firm, has reportedly been cracked and subverted by attackers, with reports that customers’ bank details have …
Major government websites hacked with access for sale
Researchers from Imperva’s Hacker Intelligence Initiative (HII) have found dozens of .mil, .gov and .edu web sites which have been hacked with access up for sale due to …
New book: Web Application Obfuscation
Web applications are used every day by millions of users, which is why they are one of the most popular vectors for attackers. Obfuscation of code has allowed hackers to take …
(IN)SECURE Magazine issue 28 released
(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Issue 28 has been released today. Table of contents …
Breaking web browsers
In the video below, Jeremiah Grossman, the founder and CTO of WhiteHat Security, talks about breaking web security. The video was recorded at the OWASP AppSec USA 2010 conference.