web application security

Hackers use Pastebin to deliver backdoor code

Cyber attackers taking advantage of legitimate online services is not a new thing, and “online clipboard” Pastebin.com is often used to anonymously leak stolen …

Rails security scanner Brakeman 3.0.0 released

Brakeman is an open source vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at …

Assume your Drupal 7 site has been compromised

Administrators of sites that run Drupal 7, and have not yet updated to version 7.32 or have done so later than 7 hours after the public revelation of the highly critical SQL …

XSS bug allows Amazon account hijacking

A recurring XSS bug in Amazon’s Kindle Library, i.e. the “Manage your Kindle” web application, can be exploited by attackers looking to hijack users’ …

Coursera privacy issues exposed

When well-known lawyer and Stanford law lecturer Jonathan Mayer was invited to teach a course on government surveillance on Coursera, the popular online website offering free …