Tag: Vulnerabilities

Think SQLi is Old News? Attackers Don’t!

What can we do to help developers learn how to prevent SQLi vulnerabilities in their production applications? And what can we do about SQLi in legacy web applications or newer apps that were developed with SQLi vulnerabilities? This is a weekly...

Six Month Old Vulnerability Exploit Attempt

The IBM X-Force Threat Analysis Service (XFTAS) reports on vulnerabilities that need to be brought to the attention of our customers. Such was the case in June of 2013. We found a report on a Plesk Control Panel vulnerability (CVE-2013-4878) and...

A New Vulnerability in the Android Framework: Fragment Injection

We have recently disclosed a new vulnerability to the Android Security Team. The vulnerability affected many apps, including Settings (the one that is found on every Android device), Gmail, Google Now, Dropbox and Evernote. To be more accurate, any...

Sharpening Your Security Intelligence Ax with Big Data

If you are the typical enterprise, you potentially have tens of thousands of software vulnerabilities spread across thousands and thousands of machines in your network. The possibilities for using existing data to enhance your vulnerability...