By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Web server threats and application attacks News
October 31, 2017
A security researcher earned more than $15,000 by finding three flaws in the Google Issue Tracker, aka Buganizer, which revealed details on unpatched vulnerabilities.
October 05, 2017
Newly uncovered information indicated that all 3 billion users were affected by the 2013 Yahoo data breach, but Oath claimed passwords and credit card info was safe.
September 15, 2017
Equifax has confirmed an unpatched critical Apache Struts vulnerability was exploited in the breach that compromised the personal data of 143 million U.S. citizens.
May 04, 2017
A Google Docs phishing attack abused OAuth to give malicious actors full access to a victim's Gmail account and contacts, but Google claims to have blocked the attacks.
Web server threats and application attacks Get Started
Bring yourself up to speed with our introductory content
A Web application firewall (WAF) is a firewall that monitors, filters or blocks traffic to and from a Web application. WAFs are especially useful to companies that provide products or services over the Internet. Continue Reading
A supercookie is a type of tracking cookie inserted into an HTTP header by an internet service provider to collect data about a user's internet browsing history and habits. Continue Reading
A web shell from the JexBoss security tool was used to exploit servers through an unpatched JBoss vulnerability. Expert Michael Cobb explains how to prevent similar attacks. Continue Reading
Evaluate Web server threats and application attacks Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
In this excerpt from chapter two of DNS Security: Defending the Domain Name System, authors Allan Liska and Geoffrey Stowe discuss why DNS security is important. Continue Reading
ProxyBack malware turns infected user systems into Internet proxies, which can obfuscate the attack source. Expert Nick Lewis explains how the malware works, and its purpose. Continue Reading
A DROWN attack can occur through more than a third of all HTTPS connections. Expert Michael Cobb explains how DROWN enables man-in-the-middle attacks and mitigation steps to take. Continue Reading
Manage Web server threats and application attacks
Learn to apply best practices and optimize your operations.
While big companies get the headlines, small businesses are more often the targets of attacks on web applications. We examine what might be keeping SMBs from proper security. Continue Reading
Web application security is crucial, but enterprises also need to look below that layer for web server vulnerabilities. Kevin Beaver explains how to look for common weaknesses. Continue Reading
As the Magento Community Edition suffers a new zero-day vulnerability, expert Nick Lewis explains how it's being exploited and how to mitigate the cross-site request forgery flaw. Continue Reading
Problem Solve Web server threats and application attacks Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
New media player vulnerabilities have been exposed that enable hackers to use subtitle files to control devices. Expert Judith Myerson explains how this happens. Continue Reading
Should products intercept Transport Layer Security connections to gain visibility into network traffic? A new study by researchers and U.S.-CERT warn against it. Continue Reading
Preinstalled malware was reportedly found by Apple in its custom servers. Expert Nick Lewis explains how enterprises can protect themselves from encountering similar issues. Continue Reading