Web application security
-
News
25 Apr 2024
Zero trust is a strategy, not a technology
Zero-trust security should be seen as a strategy to protect high-value assets and is not tied to a specific technology or product, says the model’s creator John Kindervag.
-
News
24 Apr 2024
Mandatory MFA pays off for GitHub and OSS community
Mandating multifactor authentication for select developers has been a huge success for GitHub, the platform reports, and now it wants to go further.
-
News
27 Nov 2012
Zero-day exploit for Yahoo Mail goes on sale
Hacker sells $700 zero-day exploit for Yahoo Mail that allows attacker to use cross-site scripting vulnerability to steal cookies and hijack accounts.
-
News
13 Nov 2012
The Global State of Information Security Survey 2013: Key Findings
This global study examines the state of cyber-security and the impact of cyber crime and offers advice to businesses on reducing the risks.
-
News
30 Oct 2012
IT security budgets mismatched to hacker targets, study shows
IT security budgets are not being used to provide defence technologies in some areas most likely to be targeted by hackers, a study shows.
-
News
10 Oct 2012
RSA Europe: Cloud key to future information security, says Qualys
Cloud computing is an opportunity information security professionals should not miss, says Philippe Courtot, CEO of security firm Qualys.
-
News
05 Oct 2012
Security firm warns against Samsung Galaxy Tab for enterprise use
Security specialist Context Information Security says vulnerabilities in the Samsung Galaxy Tab make it unsuitable for use in the enterprise.
-
News
02 Oct 2012
Hackers target White House military network
Hackers using computers in China have infiltrated an “unclassified” network in the US White House, believed to be used for issuing nuclear commands.
-
News
25 Sep 2012
Security concerns hold back mobile banking adoption
More than two-thirds of smartphone owners have not yet adopted mobile banking apps because of security concerns, a survey has revealed.
-
News
18 Sep 2012
Microsoft investigates IE zero-day flaw
Microsoft says it is investigating reports of a vulnerability in Internet Explorer 6, 7, 8, and 9.
-
News
17 Sep 2012
Android devices vulnerable to security breaches
More than 50% of devices running Google's Android OS have unpatched vulnerabilities, opening them up to malicious apps and other attacks.
-
Tip
14 Aug 2012
Mobile application security issues and threat vectors in enterprises
As mobile application security threats take on serious proportions, we explore the issues and risks involved for users and enterprises.
-
News
10 Jul 2012
Microsoft repairs dangerous XML Core Services zero-day flaw
The Microsoft XML Core Services vulnerability is being actively targeted by cybercriminals. In addition, Microsoft issued a critical update to Internet Explorer 9.
-
Answer
18 May 2012
File upload security best practices: Block a malicious file upload
Do your Web app users upload files to your servers? Find out the dangers of malicious file uploads and learn six steps to stop file-upload attacks.
-
Tutorial
09 May 2012
Burp Suite Tutorial PDF compendium: WebApp tester’s ready reference
Our Burp Suite tutorial PDF compendium is a collection of our Burp Suite guides in PDF format made available to you for free offline reference.
-
News
19 Mar 2012
Study: Shnakule, four other malnets caused most 2011 attacks
Huge global malnets, such as Shnakule, were responsible for most attacks in 2011, and Blue Coat predicts they will trigger 66% of all attacks in 2012.
-
Answer
05 Mar 2012
Session fixation protection: How to stop session fixation attacks
Session fixation attacks rely on poorly managed Web application cookies. Rob Shapland answers a reader’s question on session fixation protection.
-
News
24 Feb 2012
Windows security case study: Controlling Windows 7 user privileges
After migrating from Windows XP to Windows 7, Oxford University Press used Avecto’s Privilege Guard to control Windows 7 user privileges.
-
News
03 Feb 2012
Microsoft spurs Browsium to rewrite tool for running IE6 on Windows 7
Microsoft has spurred Browsium to rewrite its tool for running IE6 on Windows 7, limiting the security threat posed by continued use of IE6.
-
News
29 Dec 2011
Emerging 2012 security trends demand information security policy changes
2012 security trends involving cookies, fines, devices and threats will demand more skills -- and a little finesse -- from security professionals.
-
Tip
14 Dec 2011
CSRF attack: How hackers use trusted users for their exploits
A CSRF attack is a serious Web security threat that, combined with XSS, can be lethal. Learn about the CSRF attack’s anatomy, along with mitigation methods.
-
News
07 Mar 2011
Malvertising, pop-up ad virus problems demand more user protection
A recent pop-up ad infection on the London Stock Exchange's website highlights the growing scourge of malicious advertising, or malvertising.
-
Tip
18 Jan 2011
Top seven social media threats
Discover the top seven social media threats in the first of a two-part series on social media related security threats and preventive measures.
-
News
10 Mar 2008
Web 2.0 presents no new security challenges, is just marketing hype: Secure Computing
Secure Computing's Scott Montgomery says Web 2.0 security is marketing hype, application flaws come from overworked programmers and Australia is doing better at cyber-security than the USA and Europe.