web application security
Web app security scanner Netsparker 2.0 released
Netsparker can crawl, attack and identify vulnerabilities in all custom web applications regardless of the platform and the technology they’re built on, just like an actual …
New OAuth toolkit
Layer 7 Technologies unveiled its OAuth Toolkit, an enterprise-class solution to provide a generalized framework for handling a broad range of OAuth scenarios across cloud, …
90,000+ web pages compromised through iFrame injection
Researchers from security firm Armorize have uncovered a massive iFrame injection attack that has compromised 90,000+ Web pages belonging mostly to e-commerce sites. The …
phpMyAdmin multiple vulnerabilities
Multiple vulnerabilities have been reported in phpMyAdmin, according to Secunia. These can be exploited by malicious users to conduct cross-site scripting attacks and …
Global analysis of 10 million web attacks
Web applications, on average, experience twenty-seven attacks per hour, or roughly one attack every two minutes, according to Imperva. They observed and categorized attacks …
2011 CWE/SANS top 25 most dangerous software errors
SANS and Mitre have released the CWE/SANS Top 25 Most Dangerous Software Errors list for 2011. The list was compiled with the help of a great number of security experts from a …
Web Application Attack and Audit Framework 1.0 released
The Web Application Attack and Audit Framework’s (w3af) goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. …
LinkedIn security flaws allow account hijacking
LinkedIn users are in danger of having their account hijacked when accessing it over insecure Wi-Fi networks or public computers, says independent security researcher …
phpMyAdmin redirection weakness and script insertion vulnerability
A weakness and a vulnerability have been reported in phpMyAdmin, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to …
Microsoft Web Application Configuration Analyzer 2.0 released
Web Application Configuration Analyzer (WACA) is a tool that scans a server against a set of best practices recommended for pre-production and production servers. The list of …
Hackers steal, publish Fox employee passwords
A group of attackers who clearly have it in for Fox Broadcasting have managed to access a company server with hundreds of their employees’ email usernames and passwords. …
Exponent CMS multiple vulnerabilities
Multiple vulnerabilities have been discovered in Exponent CMS, which can be exploited by malicious people to conduct cross-site request forgery attacks and disclose sensitive …