Browsing Tag: Web Application Security


Programming Language Security Examined

Web application security begins with the developer’s comfort level and familiarity with a programming language. WhiteHat Security’s latest report examines the security of six top languages.


New Platform Protects Data on Compromised Servers

New Platform Protects Data From Arbitrary Server Compromises

Categories: Cryptography, Web Security

Researchers are in the midst of rolling out a secure new platform for building web applications that can protect confidential data from being stolen in the event that attackers gain full access to the servers.


GUI Vulnerabilities Expose Information Disclosure, Privilege Escalation

GUI Vulnerabilities Expose Information Disclosure, Privilege Escalation

Developers are configuring GUIs as mechanisms for access control and exposing enterprises to privilege escalation and information disclosure vulnerabilities.


ebay hack

eBay Vulnerable to Account Hijacking Via XSRF

Categories: Vulnerabilities

A researcher reported a cross-site request forgery vulnerability to eBay in August, and despite repeated communication from the online auction that the code has been repaired, the site remains vulnerable to exploit.



US Top Source of Web-Based Attacks; Retailers Heavily Targeted

Categories: Web Security

The United States is no longer the most obese country in the world (thanks to Mexico), but it still ranks No.1 as the globally preeminent source of Web-based attacks, according to the Imperva Web Application Attack Report.


Cloudflare CEO: AT&T Voicemail Hack Key To Compromise

Loose security protecting voice mailboxes at mobile carrier AT&T provided a key element necessary to successfully hack the Google Enterprise Apps account of tech firm CloudFlare, according to an account of the hack posted by CEO Matthew Prince.


Cloud Service Linode Hacked, Bitcoin Accounts Emptied

A security compromise at Linode, the New Jersey-based Linux cloud provider, has warned customers that hackers breached a Web-based customer service portal used by the company and emptied the Bitcoin accounts of eight Linode customers. One Linode customer reports the theft of Bitcoins totalling around $14,000.