Please turn on your JavaScript for this page to function normally.

web application security

Injection attacks tutorial

This episode of the OWASP appsec tutorial series describes the #1 attack on the OWASP top 10 – injection attacks. The video illustrates SQL injection, discusses other …

73% of organizations hacked in the last 2 years

Website attacks are the biggest concern for companies, yet 88 percent spend more on coffee than securing Web applications, according to a survey by Barracuda Networks, Cenzic …

Free guide: Web application security

Vulnerabilities in web applications are now the largest vector of enterprise security attacks. Stories about exploits that compromise sensitive data frequently mention …

Free XSS flaws detection service

Cross-site scripting (XSS) errors are responsible for more than half of all web application vulnerabilities1. So, in this age of accountability and expectations for secure, …

API bug responsible for Zuckerberg page hack

When at first Facebook didn’t issue a statement about what really happened on Mark Zuckerberg’s fan page and how someone managed to post a message in his name …

Riskiest social media applications

The fastest growing threat to corporate networks is web-based social media applications, according to WatchGuard security researchers. These applications can seriously …

Lush hack due to numerous security vulnerabilities

The Web site of Lush, the natural ingredients cosmetic firm, has reportedly been cracked and subverted by attackers, with reports that customers’ bank details have …

Major government websites hacked with access for sale

Researchers from Imperva’s Hacker Intelligence Initiative (HII) have found dozens of .mil, .gov and .edu web sites which have been hacked with access up for sale due to …

New book: Web Application Obfuscation

Web applications are used every day by millions of users, which is why they are one of the most popular vectors for attackers. Obfuscation of code has allowed hackers to take …

(IN)SECURE Magazine issue 28 released

(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Issue 28 has been released today. Table of contents …

Breaking web browsers

In the video below, Jeremiah Grossman, the founder and CTO of WhiteHat Security, talks about breaking web security. The video was recorded at the OWASP AppSec USA 2010 conference.

Don't miss

Cybersecurity news