Web Applications - Security Intelligence

A runner takes off on a track at sunset: known vulnerabilities

article

Jump-Start Your Management of Known Vulnerabilities

Known vulnerabilities are the weaknesses that are most often exploited, but how can they be managed?

June 8, 2018 | By Ramkumar Ramanathan

article

A piggy bank sitting on a desk while a person uses a calculator and laptop simultaneously.

news

100 Percent of Web Applications Vulnerable to Attack Despite Big Spending on Global Security Services

One-hundred percent of web applications are vulnerable to attack, despite analyst predictions that global security services spending will reach $96 billion in 2018.

April 17, 2018 | By Douglas Bonderud

news

A developer writing code: HTTP response headers

article

An Introduction to HTTP Response Headers for Security

HTTP response headers aim to help protect web applications from cross-site scripting (XSS), man-in-the-middle (MitM) attacks, clickjacking, cross-site request forgery and other threat vectors.

March 23, 2018 | By Madhusudhan Rajappa

article

news

37,000 Users Download Phony Adblock Plus App

Users who downloaded a phony Adblock Plus app should be on the lookout for a possible data breach. Google has since removed the app from its Chrome Store.

October 12, 2017 | By Shane Schick

news

article

Inside the Mind of a Hacker: Attacking Web Pages With Cross-Site Scripting

Web application developers must learn to think like cybercriminals to combat the growing threat of cross-site scripting (XSS) attacks.

March 13, 2017 | By Paul Ionescu

article

Cross-site scripting vulnerabilities are, unfortunately, quite common in public-facing applications and websites. Organizations should make an effort to prevent these issues by investing in application security testing methods and tools.

article

How to Protect Your Website From XSS Vulnerabilities With IBM Application Security

Application security practices and tools can help ensure that embarrassing and costly vulnerabilities are shut out of your website or app.

June 1, 2016 | By Erwin Friethoff

article

Security researchers have recently discovered a vulnerability with Microsoft EMET that could lead to malicious actors executing a variety of memory attacks on unsuspecting users. That's ironic since EMET was intended in part to protect from these attacks.

news

Researchers Warn Cybercriminals Could Bypass Microsoft EMET via WoW64

Researchers at Duo Labs have shown how easily Microsoft EMET can be bypassed via WoW64.

November 4, 2015 | By Shane Schick

news

Legacy Web applications typically lack the state-of-the-art security measures that are necessary in today's volatile environment, but dynamic data masking tools can be applied to these programs to ensure better privacy for all users.

article

Have Legacy Web Applications Become a Privacy Problem?

Many legacy Web applications are still in use, but they need to receive a security overhaul if they are to remain viable in today's world.

October 29, 2015 | By Steve Tallant

article

A new report highlighted several major vulnerabilities that are prevalent across organizations, representing potentially popular attack vectors for cybercriminals. But it also opens the door for information sharing, collaboration and widespread patches.

news

Common Vulnerabilities: The Key to Better Cybersecurity?

A new report finds companies share common cybersecurity vulnerabilities. Can this common ground be used to enhance network security?

October 6, 2015 | By Douglas Bonderud

news

A Web application security scanner can be tremendously helpful for organizations looking to shore up their defenses and prevent attacks before they are carried out. Yahoo stepped up to provide Griffin, a free service designed to scan Web apps.

news

Yahoo’s Gryffin Security Scanner Could Help Companies Better Protect Web Applications

System admins can never be sure of where the next online attack will come from, which is why Yahoo has released a new Web application security scanner.

September 29, 2015 | By Shane Schick

news

Attackers Compromise Admin Account to Infect Manufacturing Company With BitPaymer Ransomware

Spear Phishing Report Card: Perfect Scores in School Security Pen Testing

Google 2FA Approach Turns Android Smartphones Into Security Keys

April Scams May Ruin Plans: Threat Actors Ramp Up for Tax Scam Season

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

How a Cunning Remote Overlay Malware Met Its Match

The US Is Slow to Adopt EHRs, But That Might Actually Be a Good Thing for Healthcare Security

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

Credential Dumping Campaign Hits Multinational Corporations

Cybercriminals Spoof Major Accounting and Payroll Firms in Tax Season Malware Campaigns

Buffer Overflow Vulnerability in TP-Link Routers Can Allow Remote Attackers to Take Control

Podcast: Muscle Memory and Cyber Fitness Training

Podcast: Zero Trust and the Evolving Role of Identity and Access Management

Podcast: Digital Identity Trust, Part 3 — Powering Digital Growth With Digital Identity Trust

Podcast: Monitoring National Cybersecurity Trends With Former NSA Deputy Director Bill Crowell

Webinar: MacOS Management Made Easy with MaaS360

Webinar: Encryption is the Fastest Way to Protect Data

Webinar: Under the Radar: Live Webinar and Demo

Webinar: Facilitating Secure Hybrid Cloud Adoption with Guardium

Tag: Web Applications

Jump-Start Your Management of Known Vulnerabilities

100 Percent of Web Applications Vulnerable to Attack Despite Big Spending on Global Security Services

An Introduction to HTTP Response Headers for Security

37,000 Users Download Phony Adblock Plus App

Inside the Mind of a Hacker: Attacking Web Pages With Cross-Site Scripting

How to Protect Your Website From XSS Vulnerabilities With IBM Application Security

Researchers Warn Cybercriminals Could Bypass Microsoft EMET via WoW64

Have Legacy Web Applications Become a Privacy Problem?

Common Vulnerabilities: The Key to Better Cybersecurity?

Yahoo’s Gryffin Security Scanner Could Help Companies Better Protect Web Applications