New & Notable
Application attacks (buffer overflows, cross-site scripting) News
October 15, 2018
The mystery around the Trend Micro apps that were removed from the Mac App Store continues despite Trend Micro's numerous updates on the matter.
August 31, 2018
News roundup: A new Apache Struts vulnerability was exploited in the wild mere days after it was patched. Plus, Facebook removes app over privacy concerns and more.
December 29, 2016
A bypass for the patch of a remote code execution vulnerability in the PHPMailer library prompted a second patch release for the popular library used by millions of websites.
December 07, 2016
A malvertising campaign could put millions at risk of attack as the Stegano exploit kit is being delivered by this new method and is targeting unpatched systems.
Application attacks (buffer overflows, cross-site scripting) Get Started
Bring yourself up to speed with our introductory content
A denial-of-service attack is a security event that occurs when an attacker prevents legitimate users from accessing specific computer systems, devices, services or other IT resources.
The term payload, when used in the context of networking or telecommunications, is the data carried inside of a packet (or other network protocol data units like frames or segments).
Cross-site scripting (XSS) is a type of injection security attack in which an attacker injects data, such as a malicious script, into content from otherwise trusted websites.
Evaluate Application attacks (buffer overflows, cross-site scripting) Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Web application firewalls are more essential than ever when it comes to halting app attacks. Learn what features and functions you should look for when choosing a new WAF.
A runtime application self-protection tool only sounds complicated. Buying and using a RASP tool, though, may prove a surprisingly simple way to amp up your application security.
Secure web apps are essential to business. Everyday interactions rely on them, which means security flaws in apps have serious ramifications for enterprises. Most studies conclude that more than half of web applications have critical security ...
Manage Application attacks (buffer overflows, cross-site scripting)
Learn to apply best practices and optimize your operations.
Deciding which web applications to focus application security testing on is a challenging task. Read this list of considerations to ensure you're addressing the right areas.
A Telegram malware called Telegrab targets Telegram's desktop instant messaging service to collect and exfiltrate cache data. Expert Michael Cobb explains how Telegrab works.
ICS-CERT issued a warning about a new vulnerability in Nortek Linear eMerge E3 products. Discover what this vulnerability is and how it affects access control for enterprises.
Problem Solve Application attacks (buffer overflows, cross-site scripting) Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
ThreatFabric researchers uncovered MysteryBot, Android malware that uses overlay attacks to avoid detection. Learn how this malware affects Google's Android Accessibility Service.
An Electron framework flaw put users of Slack, Skype and other big apps at risk. Expert Michael Cobb explains how this remote code execution flaw works and how to prevent it.
As the Magento Community Edition suffers a new zero-day vulnerability, expert Nick Lewis explains how it's being exploited and how to mitigate the cross-site request forgery flaw.