Enterprises lack programs to secure third-party software
Veracode data indicates that despite increasing security risks from third-party and externally developed software, few enterprises currently have formal testing programs in …
Coverity Security Library released on GitHub
Coverity announced the creation of the Coverity Security Library, an open source project available through GitHub and Maven to help developers easily fix cross-site scripting …
Analysis of 15 million cyber attacks
A new web application attack report by FireHost offers an impression of the current internet security climate and provides statistical analysis of 15 million cyber attacks …
Web apps experience 2,700+ attacks per year
The median annual attack incidents on the 50 Web applications observed was 274 times a year, with one target experiencing more than 2,700 attack incidents. According to a new …
Sharp rise in SQL injections
FireHost revealed the latest statistical analysis of attacks successfully blocked by its servers. During the period of April to June 2012, web applications, databases and …
Radical reduction in online vulnerabilities
WhiteHat Security reviewed serious vulnerabilities in websites during 2011, examining the severity and duration of the most critical vulnerabilities from 7,000 websites across …
Web app security scanner Netsparker 2.1 released
Netsparker can crawl, attack and identify vulnerabilities in all custom web applications regardless of the platform and the technology it’s built on, just like an actual …
XSS bug in Skype iPhone app allows address book theft
A bug in the latest version of Skype for iPhone and iPod touch makes its users vulnerable to having their address book stolen just by viewing a specially crafted message, says …
Skype XSS vulnerability allows malicious code injection?
According to a German researcher, a XSS bug in the latest (5.5.0.113) Skype version for Windows could allow attackers to inject malicious code into users’ phone sessions …
Scanning thousands of Web apps in days, not months
Faced with the reality that exploiting a single SQL Injection vulnerability or cross-site scripting (XSS) error in any web application could take down an organization’s …
IBM WebSphere Portal XSS vulnerability
A vulnerability has been reported in IBM WebSphere Portal, which can be exploited by malicious people to conduct cross-site scripting attacks, according to Secunia. Certain …
Software industry risks and SQL injection trends
With the trend of targeted cyber attacks along with the exploitation of common vulnerabilities such as SQL injection, it is clear that the core software infrastructure of …