web application security
Exponent CMS multiple vulnerabilities
Multiple vulnerabilities have been discovered in Exponent CMS, which can be exploited by malicious people to conduct cross-site request forgery attacks and disclose sensitive …
Page-integrated encryption for protecting credit cards on the web
Voltage Security announced a new encryption breakthrough for protecting personal data entered by consumers on web pages called PIE for Page-Integrated Encryption. The company …
Application security vulnerabilities
Rafal Los, Application Security Evangelist at HP Software, talks about application security vulnerabilities at the logic level. The inner-workings of an application can only …
MITM attacks made possible by SSL certs issued for unqualified names
The recent compromise of a Comodo affiliate Registration Authority which resulted in the issue of nine rogue SSL certificates for seven popular domains has jolted the security …
Top cybercrime weapon: Web exploit toolkits
HP identified a significant increase in the volume of organized cybercrime targeting data centers and networks, which can lead to financial and data loss. While there were …
Vulnerabilities in common web applications escalate
A new Cenzic report reveals widespread Web application vulnerabilities, with 2,155 discovered – a third of which have both no known solution and an exploit code publicly …
Massive SQL injection attack compromises 380,000 URLs
A massive SQL injection attack campaign has been spotted by Websense researchers, and the number of unique URLs affected by it has risen from 28,000 when first detected …
McAfee.com filled with vulnerabilities
Discovering that your site is chock full of security vulnerabilities must be embarrassing for any company, but is surely doubly so when you are a company offering to secure …
Web application security trends and issues
In this podcast, Mandeep Khera from Cenzic talks about web application security trends and issues. Web applications are the weakest link in the security chain – and it …
Cenzic at a glance
John Weinschenk, President & CEO of Cenzic, talks about the company and their product line. Cenzic is a provider of software, managed service, and cloud security products …
IronBee versus ModSecurity
After spending a couple of weeks talking about IronBee to anyone willing to listen, I have assembled a list of commonly asked questions. Not unexpectedly, the question that …
Most sites are exposed to at least one vulnerability each day
The average website has serious vulnerabilities more than nine months of the year and data leakage has overtaken cross-site scripting as the most common website …