New & Notable
Application attacks (buffer overflows, cross-site scripting) News
October 22, 2018
A zero-day in jQuery File Upload could affect thousands of projects because the jQuery plugin vulnerability has existed for eight years and has been actively exploited for at least three years.
October 15, 2018
The mystery around the Trend Micro apps that were removed from the Mac App Store continues despite Trend Micro's numerous updates on the matter.
August 31, 2018
News roundup: A new Apache Struts vulnerability was exploited in the wild mere days after it was patched. Plus, Facebook removes app over privacy concerns and more.
December 29, 2016
A bypass for the patch of a remote code execution vulnerability in the PHPMailer library prompted a second patch release for the popular library used by millions of websites.
Application attacks (buffer overflows, cross-site scripting) Get Started
Bring yourself up to speed with our introductory content
IP spoofing is the crafting of Internet Protocol (IP) packets with a source IP address that has been modified to impersonate another computer system, or to hide the identity of the sender, or both.
A denial-of-service attack is a security event that occurs when an attacker prevents legitimate users from accessing specific computer systems, devices, services or other IT resources.
The term payload, when used in the context of networking or telecommunications, is the data carried inside of a packet (or other network protocol data units like frames or segments).
Evaluate Application attacks (buffer overflows, cross-site scripting) Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Web application firewalls are more essential than ever when it comes to halting app attacks. Learn what features and functions you should look for when choosing a new WAF.
A runtime application self-protection tool only sounds complicated. Buying and using a RASP tool, though, may prove a surprisingly simple way to amp up your application security.
Secure web apps are essential to business. Everyday interactions rely on them, which means security flaws in apps have serious ramifications for enterprises. Most studies conclude that more than half of web applications have critical security ...
Manage Application attacks (buffer overflows, cross-site scripting)
Learn to apply best practices and optimize your operations.
Deciding which web applications to focus application security testing on is a challenging task. Read this list of considerations to ensure you're addressing the right areas.
A Telegram malware called Telegrab targets Telegram's desktop instant messaging service to collect and exfiltrate cache data. Expert Michael Cobb explains how Telegrab works.
ICS-CERT issued a warning about a new vulnerability in Nortek Linear eMerge E3 products. Discover what this vulnerability is and how it affects access control for enterprises.
Problem Solve Application attacks (buffer overflows, cross-site scripting) Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
NIST's 'Vetting the Security of Mobile Applications' draft discusses four key areas of general requirements. Learn how further improvements to the vetting process could be made.
ThreatFabric researchers uncovered MysteryBot, Android malware that uses overlay attacks to avoid detection. Learn how this malware affects Google's Android Accessibility Service.
An Electron framework flaw put users of Slack, Skype and other big apps at risk. Expert Michael Cobb explains how this remote code execution flaw works and how to prevent it.