Web Application Security
- May 20, 2015
Google's new Chrome extension policy mandates that all users and developers must install web browser extensions from the Chrome Web Store.
- May 15, 2015
News roundup: Microsoft released security details of its new Edge browser, but is enough to restore user confidence? Plus: Millennial security threats; new ransomware, GPU-based malware; black hat cybersecurity services.
- May 08, 2015
WordPress was found to have two new zero-day XSS vulnerabilities that were being exploited, but a patch has already been issued to mitigate the issues.
- April 27, 2015
A researcher has released a proof-of-concept exploit for a WordPress vulnerability leveraging stored XSS, which could lead to remote code execution on affected servers.
- April 23, 2015
At RSA Conference 2015, John Pescatore offered real-world case studies proving that information security technologies can help prevent data breaches.
- January 30, 2015
News roundup: YouTube announced it has stopped using Flash by default in favor of HTML5. Is this the long-awaited end for Flash? Plus: Java was the riskiest software in 2014; BEC scam cost $215 last year; NFL data interceptions.
- January 16, 2015
News roundup: Recently discovered firmware flaws highlight the challenges posed by hardware security. Plus: Heartland's breach warranty; RSA's overhaul; and Download.com's app (in)security.
- July 01, 2014
A new online archive is allowing researchers to anonymously submit and expose cross-site scripting vulnerabilities uncovered across the Web.
- June 26, 2014
Special report: The handling of an OWASP employee's disputed harassment claim has sparked a debate over the group's governance and its future.
- April 22, 2014
The 2014 Verizon data breach report shows a big rise in Web application attacks, with CMS frameworks and user credentials the most likely targets.