By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Web server threats and application attacks News
May 04, 2017
A Google Docs phishing attack abused OAuth to give malicious actors full access to a victim's Gmail account and contacts, but Google claims to have blocked the attacks.
March 03, 2017
Cloudflare security researchers continue investigations as CEO calms fears over potential exposure of sensitive personal data by the Cloudbleed bug, though doubts remain.
February 24, 2017
The Cloudflare bug in CDN is fixed after causing sensitive customer data to leak. Google Project Zero discovered the flaw, and users were warned to change passwords.
January 26, 2017
Researchers found the infamous Heartbleed bug is still unpatched on as many as 200,000 services connected to the internet and experts don't expect that number to change.
Web server threats and application attacks Get Started
Bring yourself up to speed with our introductory content
A Web application firewall (WAF) is a firewall that monitors, filters or blocks traffic to and from a Web application. WAFs are especially useful to companies that provide products or services over the Internet. Continue Reading
A supercookie is a type of tracking cookie inserted into an HTTP header by an internet service provider to collect data about a user's internet browsing history and habits. Continue Reading
A web shell from the JexBoss security tool was used to exploit servers through an unpatched JBoss vulnerability. Expert Michael Cobb explains how to prevent similar attacks. Continue Reading
Evaluate Web server threats and application attacks Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
In this excerpt from chapter two of DNS Security: Defending the Domain Name System, authors Allan Liska and Geoffrey Stowe discuss why DNS security is important. Continue Reading
ProxyBack malware turns infected user systems into Internet proxies, which can obfuscate the attack source. Expert Nick Lewis explains how the malware works, and its purpose. Continue Reading
A DROWN attack can occur through more than a third of all HTTPS connections. Expert Michael Cobb explains how DROWN enables man-in-the-middle attacks and mitigation steps to take. Continue Reading
Manage Web server threats and application attacks
Learn to apply best practices and optimize your operations.
SSL attacks such as Heartbleed, POODLE and Shellshock have placed countless enterprises at risk. Learn how these different attacks work, and how they can be prevented or mitigated. Continue Reading
No time to prepare for incident handling? Security tools aim to automate the incident response process and help organizations lessen the time between threat detection and response. Continue Reading
Microsoft is ending support for Windows Server 2003 in July 2015, yet many organizations will still run W2K3 beyond this date. Learn how to keep your enterprise safe. Continue Reading
Problem Solve Web server threats and application attacks Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Certain web security vulnerabilities evade detection due to oversight or carelessness. Expert Kevin Beaver discusses the top overlooked issues and how to address them. Continue Reading
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the recent Cloudflare bug that leaked an undetermined amount of customer data over several months. Continue Reading
Address bar spoofing attacks can be detrimental to an organization. Expert Michael Cobb details several vulnerabilities and explains how to defend against the threat. Continue Reading