web application security
Arachni: Web application security scanner framework
Arachni is an open source Web application security scanner framework, a modular framework that allows fast, accurate and flexible vulnerability assessment. In order to …
Over 1M pages compromised in massive SQL injection attack
At the beginning of December researchers from the Internet Storm Center spotted a relatively limited SQL attack – about 80 affected pages – redirecting visitors of …
Security solution on Amazon Web Services
Check Point announced its security gateways are now available to customers through Amazon Web Services (AWS), enabling organizations to extend their security to the cloud with …
Microsoft releases MS11-100 for ASP.NET DoS attack
Today Microsoft released a security bulletin addressing a flaw in ASP.NET that was disclosed early morning yesterday at the Chaos Communication Congress (CCC) in Berlin. …
Top 10 HTML5 threats and attack vectors
Emerging as popular standard to create Rich Internet Applications and competing with technology stacks like Adobe’s Flex/Flash and Microsoft’s Silverlight is …
Free tool exploits SQL injection vulnerabilities
NT OBJECTives announced NTO SQL Invader, a free tool which provides pen testers and developers the ability to quickly and easily exploit and demonstrate SQL Injection …
QualysGuard Web Application Scanning
Yesterday, Qualys released version 2.1 of QualysGuard Web Application Scanning (WAS), that integrates with Selenium to help companies further automate scanning of web …
New version of Qualys web application scanner
Qualys announced a new release of QualysGuard Web Application Scanning (WAS) 2.1 that integrates with Selenium to help companies further automate scanning of web applications …
Effectiveness of web application firewalls
The best defense against web application vulnerabilities and threats is to professionally train Web Application Firewalls (WAFs) and to incorporate Dynamic Application …
Joomla! security bypass weakness and XSS vulnerability
A weakness and a vulnerability have been reported in Joomla!, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site …
Framework for analyzing web-based threats
Wepawet is a framework for the analysis of web-based threats. It uses a composition of tools and techniques to execute, trace, analyze, and characterize the activity of code …
Secure access to Office 365 cloud-based web applications
RSA SecurID can now be integrated with the Windows Active Directory Federation Services 2.0 (AD FS 2.0). This integration can enable organizations to provide secure user …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments