Please turn on your JavaScript for this page to function normally.

web application security

Equifax breach: Sensitive info, SSNs of 44% of U.S. consumers accessed by attackers

Equifax, one of the three largest American credit agencies, has announced that it has suffered a “cybersecurity incident” affecting some 143 million U.S. …

Law legislation
PACER vulnerability allowed hackers to access legal docs while sticking others with the bill

A CSRF flaw that made it possible for attackers to access court documents on the PACER system while making legitimate users pay for it has finally been plugged. What is PACER? …

road sign
751 domains hijacked to redirect visitors to exploit kit

An unknown attacker has managed to modify the name servers assigned to 751 domains, which resulted in some visitors to the hijacked domains being redirected to a site hosting …

Telegram-based Katyusha SQL injection scanner sold on hacker forums

Despite regularly achieving one of the top spots on the OWASP Top 10 list of the most critical web application security risks, injection vulnerabilities continue to plague …

Acunetix 11
Review: Acunetix 11

Acunetix is one of the biggest players in the web security arena. The European-based company released the first version of their product back in 2005, and thousands of clients …

Rising information security threats, and what to do about them

The digital threat landscape faced by enterprises large and small is in perpetual flux, and keeping an eye on things and adapting defenses should be of primary importance to …

Password Reset MITM: Exposing the need for better security choices

Attackers that have set up a malicious site can use users’ account registration process to successfully perform a password reset process on a number of popular websites …

thumb up
High-Tech Bridge ImmuniWeb named Best Emerging Technology

Web and mobile application security testing services provider High-Tech Bridge has won the “Best Emerging Technology” category at the SC Awards Europe 2017. The company has …

Apache Struts
Apache servers under attack through easily exploitable Struts 2 flaw

A critical vulnerability in Apache Struts 2 is being actively and heavily exploited, even though the patch for it has been released on Monday. System administrators are …

Qualys and Bugcrowd bring automation, crowdsourcing to web app security

At RSA Conference 2017, Qualys and Bugcrowd announced joint development integrations allowing joint customers the ability to share vulnerability data across automated web …

25% of web apps still vulnerable to eight of the OWASP Top Ten

69 percent of web applications are plagued by vulnerabilities that could lead to sensitive data exposure, and 55 percent by cross-site request forgery flaws, the results of a …

Qualys brings web application security automation to a new level

At RSA Conference 2017, Qualys announced new functionality in its web application security offerings, including scalable fast scanning, detection and patching of websites, …

Don't miss

Cybersecurity news