A client-side perspective on web security
Threats to web security are explained in this first of a three-part article series, and client-side security is shown to address a commonly missed class of cyber attack …
web application security
Increase web application security without causing any user disruption
In this podcast recorded at RSA Conference 2020, Jason A. Hollander, CEO, and Paul B. Storm, President at Cymatic, talk about how their platform builds a defensible barrier …
vBulletin zero-day exploited in the wild in wake of exploit release
An anonymous bug hunter has released a working and elegantly simple exploit for a pre-authentication remote code execution flaw (CVE-2019-16759) affecting vBulletin and it …
Imperva discloses security incident affecting Cloud WAF customers
Imperva, the well-known California-based web application security company, has announced that it has suffered a “security incident” involving its Cloud Web …
Securing modern web apps: A case for framework-aware SAST
If you were to write a web application entirely by yourself, it would be a rather daunting task. You would need to write the UI elements from lower-level APIs, set up and …
Finance knocks business and professional services off top spot in four most attacked industries
Finance is the most attacked sector in EMEA, accounting for 30% of all attacks – compared to 17% globally, according to NTT Security. It knocks business and professional …
Identify web application vulnerabilities and prioritize fixes with Netsparker
In this Help Net Security podcast, Ferruh Mavituna, CEO at Netsparker, talks about web application security and how Netsparker is helping businesses of any size keep their web …
Most Magento shops get compromised via vulnerable extensions
Vulnerable third party extensions (modules) are now the main source of Magento hacks, says security researcher and Magento forensics investigator Willem de Groot. “The …
IIS attacks surge from 2,000 to 1.7 million over last quarter
IIS, Drupal, and Oracle WebLogic web technologies experienced increased attacks in Q2 2018. According to a new threat report from eSentire, IIS attacks showed a massive …
DevOps and digital transformation initiatives are creating insecure apps
WhiteHat Security released its 2018 Application Security Statistics Report, “The Evolution of the Secure Software Lifecycle,” which identifies the security vulnerabilities and …
The ultimate fallout from the Facebook data breach could be massive
Less than a week ago, Facebook announced that unknown attackers have managed to string together three bugs affecting the social media platform, which allowed them to steal …
Python-based attack tools are the most common vector for launching exploit attempts
Hackers have an obvious predilection for Python-based attack tools, says Imperva. “When examining the use of Python in attacks against sites we protect, the result was …