Web Applications - Security Intelligence

A runner takes off on a track at sunset: known vulnerabilities

article

Jump-Start Your Management of Known Vulnerabilities

Known vulnerabilities are the weaknesses that are most often exploited, but how can they be managed?

June 8, 2018 | By Ramkumar Ramanathan

article

A piggy bank sitting on a desk while a person uses a calculator and laptop simultaneously.

news

100 Percent of Web Applications Vulnerable to Attack Despite Big Spending on Global Security Services

One-hundred percent of web applications are vulnerable to attack, despite analyst predictions that global security services spending will reach $96 billion in 2018.

April 17, 2018 | By Douglas Bonderud

news

A developer writing code: HTTP response headers

article

An Introduction to HTTP Response Headers for Security

HTTP response headers aim to help protect web applications from cross-site scripting (XSS), man-in-the-middle (MitM) attacks, clickjacking, cross-site request forgery and other threat vectors.

March 23, 2018 | By Madhusudhan Rajappa

article

news

37,000 Users Download Phony Adblock Plus App

Users who downloaded a phony Adblock Plus app should be on the lookout for a possible data breach. Google has since removed the app from its Chrome Store.

October 12, 2017 | By Shane Schick

news

article

Inside the Mind of a Hacker: Attacking Web Pages With Cross-Site Scripting

Web application developers must learn to think like cybercriminals to combat the growing threat of cross-site scripting (XSS) attacks.

March 13, 2017 | By Paul Ionescu

article

Cross-site scripting vulnerabilities are, unfortunately, quite common in public-facing applications and websites. Organizations should make an effort to prevent these issues by investing in application security testing methods and tools.

article

How to Protect Your Website From XSS Vulnerabilities With IBM Application Security

Application security practices and tools can help ensure that embarrassing and costly vulnerabilities are shut out of your website or app.

June 1, 2016 | By Erwin Friethoff

article

Security researchers have recently discovered a vulnerability with Microsoft EMET that could lead to malicious actors executing a variety of memory attacks on unsuspecting users. That's ironic since EMET was intended in part to protect from these attacks.

news

Researchers Warn Cybercriminals Could Bypass Microsoft EMET via WoW64

Researchers at Duo Labs have shown how easily Microsoft EMET can be bypassed via WoW64.

November 4, 2015 | By Shane Schick

news

Legacy Web applications typically lack the state-of-the-art security measures that are necessary in today's volatile environment, but dynamic data masking tools can be applied to these programs to ensure better privacy for all users.

article

Have Legacy Web Applications Become a Privacy Problem?

Many legacy Web applications are still in use, but they need to receive a security overhaul if they are to remain viable in today's world.

October 29, 2015 | By Steve Tallant

article

A new report highlighted several major vulnerabilities that are prevalent across organizations, representing potentially popular attack vectors for cybercriminals. But it also opens the door for information sharing, collaboration and widespread patches.

news

Common Vulnerabilities: The Key to Better Cybersecurity?

A new report finds companies share common cybersecurity vulnerabilities. Can this common ground be used to enhance network security?

October 6, 2015 | By Douglas Bonderud

news

A Web application security scanner can be tremendously helpful for organizations looking to shore up their defenses and prevent attacks before they are carried out. Yahoo stepped up to provide Griffin, a free service designed to scan Web apps.

news

Yahoo’s Gryffin Security Scanner Could Help Companies Better Protect Web Applications

System admins can never be sure of where the next online attack will come from, which is why Yahoo has released a new Web application security scanner.

September 29, 2015 | By Shane Schick

news

Fake Android Apps Steal Cryptocurrency Credentials With 2FA Bypass Technique

TCP SACK Panic Flaw Could Compromise Production Linux Machines

Free Decryption Tool Enables Victims of GandCrab Ransomware to Recover Their Files

Outlaw Threat Group Using Botnet to Distribute Monero Miner, Perl-Based Backdoor

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

IoMT Security: A Comprehensive Approach to Mitigate Risk and Secure Connected Devices

High Stakes, Rising Risks: The Ripple Effects of Cybersecurity in the Healthcare Sector

Industrial Control Systems Security: To Test or Not to Test?

Critical RCE Vulnerability in TP-Link Wi-Fi Extenders Can Grant Attackers Remote Control

One Big Lesson From the Cyber Range to Help Solve Confirmation Bias

Observations of ITG07 Cyber Operations

Getting Quantum Ready and What This Means for Cryptography

Podcast: Reducing Third-Party Risk

Podcast: Development Agility and Open-Source Vulnerability Prioritization

Podcast: Lateral Movement: Combating High-Risk, Low-Noise Threats

Podcast: Travel Security: Why Data Safety Doesn’t Get a Day Off

Webinar: How to Outmatch Data Security Challenges with Cost-Effective, Practical Strategies

Webinar: Total Recon: See You Online, Richter

Digital Identity Trust at Cyber Week 2019 – Tel Aviv, Israel

Webinar: IBM i2 User Group Webinar: Advance Your Existing i2 Capabilities

Tag: Web Applications

Jump-Start Your Management of Known Vulnerabilities

100 Percent of Web Applications Vulnerable to Attack Despite Big Spending on Global Security Services

An Introduction to HTTP Response Headers for Security

37,000 Users Download Phony Adblock Plus App

Inside the Mind of a Hacker: Attacking Web Pages With Cross-Site Scripting

How to Protect Your Website From XSS Vulnerabilities With IBM Application Security

Researchers Warn Cybercriminals Could Bypass Microsoft EMET via WoW64

Have Legacy Web Applications Become a Privacy Problem?

Common Vulnerabilities: The Key to Better Cybersecurity?

Yahoo’s Gryffin Security Scanner Could Help Companies Better Protect Web Applications