web application
API security awareness: The first step to better assessing the risk
In this Help Net Security interview, Tal Steinherz, CTO at Wib, talks about the importance of API security awareness and how to tackle numerous threats that are plaguing it. …
80% of organizations experienced employees misusing and abusing access to business apps
Organizations continue to operate with limited visibility into user activity and sessions associated with web applications, despite the ever-present risk of insider threats …
Blocked DDoS events up 75% in the first nine months of 2021
Radware has published results from its report which provides an overview of the DDoS attack landscape, application attack developments, and unsolicited network scanning …
Is the government’s response to cybersecurity threats enough for your organization?
With this year’s attacks against Colonial Pipeline and Kaseya, ransomware and its impact on infrastructure have been pushed to the forefront of American political …
File upload security best practices rarely implemented to protect web applications
Despite a marked increase in concerns around malware attacks and third-party risk, only 8% of organizations with web applications for file uploads have fully implemented the …
Why XSS is still an XXL issue in 2021
Cross-site scripting (XSS) attacks take advantage of coding flaws in the way websites or web applications generate input from users. Despite their longstanding reputation as a …
3.4 billion credential stuffing attacks hit financial services organizations
Akamai published a report that provides an analysis of both global and financial services-specific web application and credential stuffing attack traffic, revealing …
Security doesn’t always require immediacy
New security threats emerge almost continuously, meaning we now deal with a known unknown. In the past year alone, malware and ransomware use has sharply increased, 43% of …
DevOps didn’t kill WAF, because WAF will never truly die
The web application firewall (WAF) is dead, they say, and DevOps is the culprit, found over the body in the server room with a blade in its hand and splattered code on its …
Even though critical, web application security is getting less attention
As organizations shifted focus to support remote work and business continuity amid the challenges of 2020, web application security suffered, according to an Invicti Security …
Using memory encryption in web applications to help reduce the risk of Spectre attacks
There’s nothing quite like an actual proof-of-concept to make everyone listen. I was pleased by the PoC released by Google security engineers Stephen Röttger and Artur Janc …
One in four people use work passwords for consumer websites
Employees working from home on a company-provided computer are demonstrating a clear lack of cybersecurity knowledge through high-risk behavior, according to a report released …