Web Application Security
- July 01, 2014
A new online archive is allowing researchers to anonymously submit and expose cross-site scripting vulnerabilities uncovered across the Web.
- June 26, 2014
Special report: The handling of an OWASP employee's disputed harassment claim has sparked a debate over the group's governance and its future.
- April 22, 2014
The 2014 Verizon data breach report shows a big rise in Web application attacks, with CMS frameworks and user credentials the most likely targets.
- April 17, 2014
When it comes to app risk management, who is ultimately responsible: business leaders or security professionals? A new report weighs in.
- September 19, 2012
Vulnerabilities in HTML 5 make it an emerging threat; however, SQL injection and XSS remain among the top attacks.
- August 29, 2012
Basic Java sandboxing has been around since 1995, but flaws in the Java virtual machine are highly targeted. Experts are calling on Oracle to do more.
- August 15, 2012
Security researchers have detected attacks targeting users of Internet Explorer with a Flash file embedded in a Microsoft Word document.
- June 08, 2012
Adobe repaired seven dangerous vulnerabilities in its latest Flash Player update and added sandboxing protection for Firefox and Mac users.
- April 18, 2012
A review of hundreds of unique custom Web applications found more than half are vulnerable to cross-site scripting and more than 86% contain injection flaws.
- January 27, 2012
Column: Third-party applications are notoriously hard to patch and often easy to exploit. Is it time to ban applications, or can they be secured with a new approach?