Risk Management February 14, 2023

Breaking Down the Seven Steps of an SQL Injection Kill Chain

4 min read - Cyberattacks can cause immense damage to an organization’s system and have only increased in frequency over recent years. SQL injection is an especially devastating example. This form of attack involves exploiting a website or application code through the use of…

May 4, 2020

Vulnerabilities in LMS Plugins Allow Students to Access Records, Edit Data

< 1 min read - Security researchers discovered that students could abuse vulnerabilities in certain LMS plugins to access records and edit data.

April 3, 2019

Magento Flaw Lets Cybercriminals Access E-Commerce Sites Without Authentication

2 min read - Security researchers discovered a Magento flaw that could enable cybercriminals to penetrate and control features within the popular e-commerce site without authentication.

Application Security October 12, 2018

Is Your Site Protected Against Drupal Security Flaws?

2 min read - This past summer saw a pair of Drupal security flaws exposed and patched. Is your website secure?

Data Protection September 11, 2018

How Can Media Companies Be More Confident in Their Cybersecurity Strategy and Policy?

4 min read - According to recent research, only 1 percent of media companies are very confident in their cybersecurity strategy and policy.

Application Security July 6, 2018

What’s the Best Strategy to Manage Application Security Risk?

2 min read - To protect their organizations from threat actors targeting software vulnerabilities, security leaders should adopt an integrated approach to application security risk management.

April 11, 2018

Just 1 Percent of Companies Feel Ready to Fend Off Media Security Threats, Survey Reveals

2 min read - According to a recent study, just 1 percent of U.S. media companies reported high levels of confidence in their ability to withstand a variety of media security attacks.

November 2, 2017

WordPress Issues Security Patch to Mitigate SQL Injection

2 min read - With its latest update, WordPress patched a vulnerability that could enable malicious plugin and theme developers to execute SQL injection attacks.

Software Vulnerabilities September 21, 2017

Leaking Cloud Databases and Servers Expose Over 1 Billion Records

6 min read - According to IBM X-Force, misconfigured cloud databases accounted for more than 71 percent of reported leaked records so far in 2017.

Application Security October 5, 2016

Why Do We Care So Little About Application-Layer Protection?

3 min read - In the current world of cloud and agile development, we deliver code monthly, weekly and even daily. One of my engineering teams at IBM affectionately refers to updates as the “daily dose.” We have developed robust processes to ensure that…