Web Application Security News, Articles and Updates

Web App attacks up 69%, US main source of cyber attacks

Web application attacks have grown 69 percent compared to Q3 2016, up 30 percent on the previous quarter according to the Akamai Q3 State of the Internet Security Report.

Apache Struts bugs: Cisco products vulnerable to remote code execution

Cisco Systems has issued a pair of advisories warning users that several of its products have been affected by vulnerabilities recently discovered in the Apache Struts 2 open-source web application framework.

Web App vulnerability enables Equifax breach affecting up to 143m in US

Cyber-criminals gained unauthorised access to Equifax files in a breach that could affect as many as 143 million consumers in the US, the company said Thursday.

Web application attacks accounted for 73% of all incidents says report

Web application attacks accounted for 73 percent of all incidents and pure public cloud installations experienced the fewest security incidents in recent industry report.

Aberdeen City Council website defaced, motive unclear

"Algerian-based Team System DZ, has ramped up activity significantly over the last month. While there is no obvious target pattern, it is clear they are finding vulnerable sites to infiltrate and deface."

Researcher finds flaws in industrial control devices

A number of vulnerabilities found in an industrial automation device could allow hackers to take control of machinery.

Google looking to reshape web defences with strict Content Security Policies

Google has released a Content Security Policy Evaluator with the aim of assisting web developers avoid leaving their web applications open to XSS attacks.

InfoSec 2016: WhiteHat says "security from within" key to tackling web vulnerabilities

WhiteHat Security's vice president, Ryan O'Leary, says "security has to come from within", explaining that "no vendor will be able to help you if you don't secure your software or web application from the get-go."

Four Tips to kick-start your web application security effort

Ian Muscat offers four crucial tips on securing web applications - with the general theme of being prepared.