web application security
Wire shares results of independent security audit of its secure messaging apps
When I last spoke to Alan Duric, co-founder and (at the time) CEO of the company developing secure messaging application Wire, he stressed the importance of independent and …
Security company Fox-IT reveals, details MitM attack they suffered in September
Dutch IT security consultancy/service provider Fox-IT has revealed on Thursday that it has suffered a security breach, which resulted in some files and emails sent by the …
Bot-driven web traffic and its application security impact
New research conducted by the Ponemon Institute, which focused on such highly targeted industries as retail, healthcare and financial services, exposes the proliferation of …
Equifax breach: Sensitive info, SSNs of 44% of U.S. consumers accessed by attackers
Equifax, one of the three largest American credit agencies, has announced that it has suffered a “cybersecurity incident” affecting some 143 million U.S. …
PACER vulnerability allowed hackers to access legal docs while sticking others with the bill
A CSRF flaw that made it possible for attackers to access court documents on the PACER system while making legitimate users pay for it has finally been plugged. What is PACER? …
751 domains hijacked to redirect visitors to exploit kit
An unknown attacker has managed to modify the name servers assigned to 751 domains, which resulted in some visitors to the hijacked domains being redirected to a site hosting …
Telegram-based Katyusha SQL injection scanner sold on hacker forums
Despite regularly achieving one of the top spots on the OWASP Top 10 list of the most critical web application security risks, injection vulnerabilities continue to plague …
Review: Acunetix 11
Acunetix is one of the biggest players in the web security arena. The European-based company released the first version of their product back in 2005, and thousands of clients …
Rising information security threats, and what to do about them
The digital threat landscape faced by enterprises large and small is in perpetual flux, and keeping an eye on things and adapting defenses should be of primary importance to …
Password Reset MITM: Exposing the need for better security choices
Attackers that have set up a malicious site can use users’ account registration process to successfully perform a password reset process on a number of popular websites …
High-Tech Bridge ImmuniWeb named Best Emerging Technology
Web and mobile application security testing services provider High-Tech Bridge has won the “Best Emerging Technology” category at the SC Awards Europe 2017. The company has …
Apache servers under attack through easily exploitable Struts 2 flaw
A critical vulnerability in Apache Struts 2 is being actively and heavily exploited, even though the patch for it has been released on Monday. System administrators are …
Featured news
Resources
Don't miss
- CERT-UA warns against “security audit” requests via AnyDesk
- Decentralization is happening everywhere, so why are crypto wallets “walled gardens”?
- AI-driven insights transform security preparedness and recovery
- NDR’s role in a modern cybersecurity stack
- How Russian hackers went after NGOs’ WhatsApp accounts