Application attacks (buffer overflows, cross-site scripting)
Get the latest news and information on recognizing vulnerabilities and defending against application attacks and threats such as buffer overflows, cross site scripting, SQL injections.
New & Notable
Application attacks (buffer overflows, cross-site scripting) News
-
October 15, 2018
15
Oct'18
Mystery around Trend Micro apps still lingers one month later
The mystery around the Trend Micro apps that were removed from the Mac App Store continues despite Trend Micro's numerous updates on the matter.
-
August 31, 2018
31
Aug'18
Another patched Apache Struts vulnerability exploited
News roundup: A new Apache Struts vulnerability was exploited in the wild mere days after it was patched. Plus, Facebook removes app over privacy concerns and more.
-
December 29, 2016
29
Dec'16
Critical PHPMailer library vulnerability patched, and repatched
A bypass for the patch of a remote code execution vulnerability in the PHPMailer library prompted a second patch release for the popular library used by millions of websites.
-
December 07, 2016
07
Dec'16
Exploit kit delivered via malvertising targets unpatched systems
A malvertising campaign could put millions at risk of attack as the Stegano exploit kit is being delivered by this new method and is targeting unpatched systems.
Application attacks (buffer overflows, cross-site scripting) Get Started
Bring yourself up to speed with our introductory content
-
denial-of-service attack
A denial-of-service attack is a security event that occurs when an attacker prevents legitimate users from accessing specific computer systems, devices, services or other IT resources. Continue Reading
-
Payload (computing)
The term payload, when used in the context of networking or telecommunications, is the data carried inside of a packet (or other network protocol data units like frames or segments). Continue Reading
-
cross-site scripting (XSS)
Cross-site scripting (XSS) is a type of injection security attack in which an attacker injects data, such as a malicious script, into content from otherwise trusted websites. Continue Reading
Evaluate Application attacks (buffer overflows, cross-site scripting) Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
-
Stop app attacks with a web application firewall
Web application firewalls are more essential than ever when it comes to halting app attacks. Learn what features and functions you should look for when choosing a new WAF. Continue Reading
-
Getting runtime application self-protection launched
A runtime application self-protection tool only sounds complicated. Buying and using a RASP tool, though, may prove a surprisingly simple way to amp up your application security. Continue Reading
-
Insider Edition: Secure web apps
Secure web apps are essential to business. Everyday interactions rely on them, which means security flaws in apps have serious ramifications for enterprises. Most studies conclude that more than half of web applications have critical security ... Continue Reading
Manage Application attacks (buffer overflows, cross-site scripting)
Learn to apply best practices and optimize your operations.
-
Picking the right focus for web application security testing
Deciding which web applications on which to focus application security testing is a challenging task. Read this list of considerations to ensure you're addressing the right areas. Continue Reading
-
How does Telegram malware bypass end-to-end encryption?
A Telegram malware called Telegrab targets Telegram's desktop instant messaging service to collect and exfiltrate cache data. Expert Michael Cobb explains how Telegrab works. Continue Reading
-
How are Linear eMerge E3 systems vulnerable to attacks?
ICS-CERT issued a warning about a new vulnerability in Nortek Linear eMerge E3 products. Discover what this vulnerability is and how it affects access control for enterprises. Continue Reading
Problem Solve Application attacks (buffer overflows, cross-site scripting) Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
-
How is Android Accessibility Service affected by a banking Trojan?
ThreatFabric researchers uncovered MysteryBot, Android malware that uses overlay attacks to avoid detection. Learn how this malware affects Google's Android Accessibility Service. Continue Reading
-
How did an Electron framework flaw put Slack at risk?
An Electron framework flaw put users of Slack, Skype and other big apps at risk. Expert Michael Cobb explains how this remote code execution flaw works and how to prevent it. Continue Reading
-
How does a Magento Community Edition flaw allow remote attacks?
As the Magento Community Edition suffers a new zero-day vulnerability, expert Nick Lewis explains how it's being exploited and how to mitigate the cross-site request forgery flaw. Continue Reading