Web application security

News 18 Dec 2025
AI safeguards improving, says UK government-backed body

Inaugural AI Security Institute report claims that safeguards in place to ensure AI models behave as intended seem to be improving Continue Reading
By
- Alex Scroxton, Security Editor
Opinion 12 Dec 2025
What lies in store for cyber security skills in 2026?

As we prepare to close out 2025, the Computer Weekly Security Think Tank panel looks back at the past year, and ahead to 2026. Continue Reading

News 12 Dec 2012
Ghost Shell hacktivists publish over a million credentials

The Ghost Shell group, an offshoot of the Anonymous hacking collective has published the log-in details from 1.6 million accounts Continue Reading
By
- Warwick Ashford, Senior analyst
News 07 Dec 2012
UK government jobs website exploited by hackers

Hackers have been able to exploit security flaws in a new government jobs website to steal personal information about job applicants Continue Reading
By
- Warwick Ashford, Senior analyst
News 06 Dec 2012

2012 Cost of Cyber Crime Study: UK

The 2012 Cost of Cyber Crime Study: United Kingdom is independently conducted by Ponemon Institute. The benchmark study, sponsored by HP Enterprise Security is based on a representative sample of 38 organisations in various industry sectors. Continue Reading

— www.computerweekly.com
News 03 Dec 2012

IT Security Purchasing Intentions 2013

This in-depth research from Computer Weekly and TechTarget reveals the IT security spending priorities of businesses in the UK and Europe. Continue Reading

— www.computerweekly.com
News 27 Nov 2012
Zero-day exploit for Yahoo Mail goes on sale

Hacker sells $700 zero-day exploit for Yahoo Mail that allows attacker to use cross-site scripting vulnerability to steal cookies and hijack accounts Continue Reading
By
- Warwick Ashford, Senior analyst
News 13 Nov 2012

The Global State of Information Security Survey 2013: Key Findings

This global study examines the state of cyber-security and the impact of cyber crime and offers advice to businesses on reducing the risks. Continue Reading

— www.computerweekly.com
News 30 Oct 2012
IT security budgets mismatched to hacker targets, study shows

IT security budgets are not being used to provide defence technologies in some areas most likely to be targeted by hackers, a study shows Continue Reading
By
- Warwick Ashford, Senior analyst
News 10 Oct 2012
RSA Europe: Cloud key to future information security, says Qualys

Cloud computing is an opportunity information security professionals should not miss, says Philippe Courtot, CEO of security firm Qualys Continue Reading
By
- Warwick Ashford, Senior analyst
News 05 Oct 2012
Security firm warns against Samsung Galaxy Tab for enterprise use

Security specialist Context Information Security says vulnerabilities in the Samsung Galaxy Tab make it unsuitable for use in the enterprise Continue Reading
By
- Caroline Baldwin, Freelance editor and journalist
News 02 Oct 2012
Hackers target White House military network

Hackers using computers in China have infiltrated an “unclassified” network in the US White House, believed to be used for issuing nuclear commands. Continue Reading
By
- Cliff Saran, Managing Editor
News 25 Sep 2012
Security concerns hold back mobile banking adoption

More than two-thirds of smartphone owners have not yet adopted mobile banking apps because of security concerns, a survey has revealed Continue Reading
By
- Warwick Ashford, Senior analyst
News 18 Sep 2012
Microsoft investigates IE zero-day flaw

Microsoft says it is investigating reports of a vulnerability in Internet Explorer 6, 7, 8, and 9 Continue Reading
By
- Warwick Ashford, Senior analyst
News 17 Sep 2012
Android devices vulnerable to security breaches

More than 50% of devices running Google's Android OS have unpatched vulnerabilities, opening them up to malicious apps and other attacks Continue Reading
By
- Caroline Baldwin, Freelance editor and journalist
Tip 14 Aug 2012
Mobile application security issues and threat vectors in enterprises

As mobile application security threats take on serious proportions, we explore the issues and risks involved for users and enterprises. Continue Reading
By
- Ram Venkatraman
News 10 Jul 2012
Microsoft repairs dangerous XML Core Services zero-day flaw

The Microsoft XML Core Services vulnerability is being actively targeted by cybercriminals. In addition, Microsoft issued a critical update to Internet Explorer 9. Continue Reading
By
- Robert Westervelt, TechTarget
Answer 18 May 2012
File upload security best practices: Block a malicious file upload

Do your Web app users upload files to your servers? Find out the dangers of malicious file uploads and learn six steps to stop file-upload attacks. Continue Reading
By
- Rob Shapland
Tutorial 09 May 2012
Burp Suite Tutorial PDF compendium: WebApp tester’s ready reference

Our Burp Suite tutorial PDF compendium is a collection of our Burp Suite guides in PDF format made available to you for free offline reference. Continue Reading
By
- SearchSecurity.in Staff
News 19 Mar 2012
Study: Shnakule, four other malnets caused most 2011 attacks

Huge global malnets, such as Shnakule, were responsible for most attacks in 2011, and Blue Coat predicts they will trigger 66% of all attacks in 2012. Continue Reading
By
- Ron Condon
Answer 05 Mar 2012
Session fixation protection: How to stop session fixation attacks

Session fixation attacks rely on poorly managed Web application cookies. Rob Shapland answers a reader’s question on session fixation protection. Continue Reading
By
- Rob Shapland
News 24 Feb 2012
Windows security case study: Controlling Windows 7 user privileges

After migrating from Windows XP to Windows 7, Oxford University Press used Avecto’s Privilege Guard to control Windows 7 user privileges. Continue Reading
By
- Ron Condon
News 03 Feb 2012
Microsoft spurs Browsium to rewrite tool for running IE6 on Windows 7

Microsoft has spurred Browsium to rewrite its tool for running IE6 on Windows 7, limiting the security threat posed by continued use of IE6. Continue Reading
By
- Ron Condon
News 29 Dec 2011
Emerging 2012 security trends demand information security policy changes

2012 security trends involving cookies, fines, devices and threats will demand more skills -- and a little finesse -- from security professionals. Continue Reading
By
- Ron Condon
Tip 14 Dec 2011
CSRF attack: How hackers use trusted users for their exploits

A CSRF attack is a serious Web security threat that, combined with XSS, can be lethal. Learn about the CSRF attack’s anatomy, along with mitigation methods. Continue Reading
By
- Karthik Poojary, Amazon
News 07 Mar 2011
Malvertising, pop-up ad virus problems demand more user protection

A recent pop-up ad infection on the London Stock Exchange's website highlights the growing scourge of malicious advertising, or malvertising. Continue Reading
By
- Ron Condon
Tip 18 Jan 2011
Top seven social media threats

Discover the top seven social media threats in the first of a two-part series on social media related security threats and preventive measures. Continue Reading
By
- Shantanu Ghosh
News 10 Mar 2008
Web 2.0 presents no new security challenges, is just marketing hype: Secure Computing

Secure Computing's Scott Montgomery says Web 2.0 security is marketing hype, application flaws come from overworked programmers and Australia is doing better at cyber-security than the USA and Europe. Continue Reading
By
- Simon Sharwood