
web application security

High-impact DoS flaw patched in Node.js, update as soon as possible

The Node.js Foundation has pushed out a patch for its eponymous open source, cross-platform runtime environment for developing server-side web applications. The fix plugs two …

The automation and industrialization of cyber attacks

A new Imperva report highlights cyber criminals’ use of automation to increase both the magnitude and velocity of attacks designed to compromise users and steal sensitive …

Amazon launches AWS web application firewall

A new option has been offered to Amazon Web Services customers who want to increase the security of their servers: AWS WAF. This web application firewall aims to stop random …

Yahoo open-sources Gryffin, a large scale web security scanning platform

Yahoo has open-sourced Gryffin, a scanning platform for web applications. The developers’ goal was to create a security scanner that will be able to both discover as much …

Persistent XSS flaw in SharePoint 2013 revealed, patched

Among the vulnerabilities patched earlier this month by Microsoft is an important one that endangers users of Microsoft SharePoint 2013, a web application platform in the …

PayPal stored XSS vulnerability exposed

Bitdefender researchers have located a stored XSS vulnerability in PayPal that leaves the e-payment service open for hackers to upload maliciously crafted files, capable of …

Open source Sleepy Puppy tool finds XSS bugs in target apps and beyond

Since Monday, security pros can add another XSS-finding tool to their arsenal, as Netflix has open sourced their cross-site scripting payload management framework dubbed …

How to get better at web application security

Robert Hansen, Vice President of WhiteHat Security Labs, has more than 20 years of web application and browser security experience. In this interview he discusses the …

Script injection vulnerability discovered in Salesforce

Elastica discovered an injection vulnerability in Salesforce which opened the door for attackers to use a trusted Salesforce application as a platform to conduct phishing …

CDNetworks to showcase Cloud Security 2.0 at Black Hat USA 2015

CDNetworks, the global content delivery network (CDN), will showcase Cloud Security 2.0 this week at Black Hat USA 2015, Booth IP29. Cloud Security 2.0 includes intelligent, …

Best practice application security: Does it exist?

Unfortunately and unsurprisingly, website breaches have become an everyday occurrence. In fact, hacked websites have become so common that typically only the biggest data …

Nearly all websites have serious security vulnerabilities

A new Acunetix report on 5,500 companies comprising 15,000 website and network scans, performed on over 1.9 million files, finds nearly half of the web applications scanned …
