web application security
Web application security vulnerabilities and strategies
The use of web applications has soared recently, due to the significant value they can add to enterprises by providing innovative ways to interact with customers. However, so …
Testing web applications for security flaws
David Hoelzer is the Director of Research, Enclave Forensics and a SANS Trainer. In this interview he discusses web application testing, offers advice for those on the hunt …
Vulnerability management for Web applications
Core Security announced Core WebVerify Web application security software that provides organizations with actionable intelligence and analysis on indisputably critical …
BackTrack adds RandomStorm WordPress scanner
RandomStorm’s WPScan, the free WordPress security scanner, has been added to the latest version of BackTrack. BackTrack is an open source operating system that provides …
Pligg CMS multiple XSS vulnerabilities
Multiple vulnerabilities have been discovered in Pligg CMS, which can be exploited by malicious people to conduct cross-site scripting attacks, according to Secunia. 1. Input …
phpMyAdmin multiple script insertion vulnerabilities
Multiple vulnerabilities have been reported in phpMyAdmin, which can be exploited by malicious users to conduct script insertion attacks, according to Secunia. 1. Certain …
Drupal Author Pane module security bypass weakness
A weakness has been reported in the Author Pane module for Drupal, which can be exploited by malicious people to bypass certain security restrictions, according to Secunia. …
Apache fixes “Apache Killer” bug
The Apache Software Foundation has released version 2.2.20 of the Apache HTTP Server, which includes a fix for the DDoS bug that was spotted being exploited in the wild …
Facebook pays bug hunters $40,000 in three weeks
The recently introduced Facebook bug bounty program has proved to be a great success, says Joe Sullivan, the company’s chief security officer. “We know and have …
WebSurgery: Suite for security testing of web applications
WebSurgery is a suite of tools for security testing of web applications. It was designed for security auditors to help them with the web application planning and exploitation. …
Scanning thousands of Web apps in days, not months
Faced with the reality that exploiting a single SQL Injection vulnerability or cross-site scripting (XSS) error in any web application could take down an organization’s …
Web application security on a new level
Qualys announced QualysGuard WAS 2.0, enabling organizations to leverage the power and scalability of the cloud to discover, catalogue and scan large numbers of web …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments