Application attacks (buffer overflows, cross-site scripting) news, help and research

Application attacks (buffer overflows, cross-site scripting) News

September 01, 2021 01 Sep'21
Atlassian Confluence flaw under active attack

Administrators are advised to patch immediately after security experts confirmed mass scanning and exploits against a critical remote code execution vulnerability.
August 17, 2021 17 Aug'21
Many Exchange servers still vulnerable to ProxyLogon, ProxyShell

Tens of thousands of Exchange servers are still vulnerable to ProxyLogon and ProxyShell, and security researchers estimate honeypots represent only a small slice of those systems.
July 27, 2021 27 Jul'21
Open source web app projects hailed for quickly patching bugs

Nine vulnerabilities in three popular open source SMB tools were cleaned up within 24 hours after Rapid7 reported the flaws to their development teams.
July 14, 2021 14 Jul'21
Microsoft's 'PrintNightmare' lingers, requires new patches

July's Patch Tuesday update includes critical fixes, but one well-known remote code execution bug might remain open for those with specific registry key settings.

Bring yourself up to speed with our introductory content

4 types of ransomware and a timeline of attack examples

There are four main types of ransomware, but many examples of ransomware strains. Learn how the ransomware types work, and review notable ransomware attacks and variants. Continue Reading
IP spoofing

Internet Protocol (IP) spoofing is a type of malicious attack where the threat actor hides the true source of IP packets to make it difficult to know where they came from. Continue Reading
buffer overflow

A buffer overflow occurs when a program or process attempts to write more data to a fixed-length block of memory, or buffer, than the buffer is allocated to hold. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Oversee apps with these 3 application security testing tools

Unsecured applications can have dire consequences for enterprises. Discover how top app security testing tools on the market today protect apps and enhance developer productivity. Continue Reading
Analyzing the top 2019 data breach disclosures: Hindsight in 2020

Make 2020 the year your company keep its resolution to avoid a data breach. Experts offer lessons learned from the top 2019 data breaches to help stay secure in the year ahead. Continue Reading
Who's to blame for ransomware attacks -- beyond the attackers?

Cyberattackers are to blame for ransomware attacks, but what about companies that release flawed software or don't install patches? Our expert looks at where the buck stops. Continue Reading

Learn to apply best practices and optimize your operations.

5 principles for AppSec program maturity

Applications remain a top cause of external data breaches. Follow these five principles to achieve application security program maturity. Continue Reading
12 Microsoft 365 security best practices to secure the suite

Migrating to or operating cloud-based Microsoft 365 can bring with it a host of problems and misconfigurations. Check out 12 best practices to tighten Microsoft 365 security. Continue Reading
Best practices for threat modeling service mesh, microservices

In microservices and service mesh environments, communications don't follow static paths. As such, security teams must update their application threat modeling methods. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Learn how to mitigate container security issues

The more companies embrace application containerization, the more they need to know about container security issues and attack prevention methods. Continue Reading
Adopting containers and preventing container security risks

When it comes to container security risks, organizations often worry about container escapes, but as expert Liz Rice explains, they should focus on prevention and patching. Continue Reading
3 steps to secure codebase updates, prevent vulnerabilities

Codebase updates are critical, but what about when they introduce vulnerabilities? These three steps will help app developers secure codebase updates and keep their apps safe. Continue Reading