Application attacks (buffer overflows, cross-site scripting) news, help and research

Application attacks (buffer overflows, cross-site scripting) News

July 27, 2021 27 Jul'21
Open source web app projects hailed for quickly patching bugs

Nine vulnerabilities in three popular open source SMB tools were cleaned up within 24 hours after Rapid7 reported the flaws to their development teams.
July 14, 2021 14 Jul'21
Microsoft's 'PrintNightmare' lingers, requires new patches

July's Patch Tuesday update includes critical fixes, but one well-known remote code execution bug might remain open for those with specific registry key settings.
July 12, 2021 12 Jul'21
SolarWinds warns of zero-day vulnerability under attack

SolarWinds says targeted attacks from a single threat actor have been reported on a previously unknown vulnerability in the Serv-U file transfer platform.
June 24, 2021 24 Jun'21
Atlassian moves to lock down accounts from takeover bugs

Check Point Research uncovered a set of flaws that, if chained together, would have enabled attackers to hijack accounts with single sign-on enabled.

Bring yourself up to speed with our introductory content

buffer overflow

A buffer overflow occurs when a program or process attempts to write more data to a fixed-length block of memory, or buffer, than the buffer is allocated to hold. Continue Reading
cyberterrorism

According to the U.S. Federal Bureau of Investigation, cyberterrorism is any 'premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by ... Continue Reading
dictionary attack

A dictionary attack is a method of breaking into a password-protected computer, network or other IT resource by systematically entering every word in a dictionary as a password. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Oversee apps with these 3 application security testing tools

Unsecured applications can have dire consequences for enterprises. Discover how top app security testing tools on the market today protect apps and enhance developer productivity. Continue Reading
Analyzing the top 2019 data breach disclosures: Hindsight in 2020

Make 2020 the year your company keep its resolution to avoid a data breach. Experts offer lessons learned from the top 2019 data breaches to help stay secure in the year ahead. Continue Reading
Who's to blame for ransomware attacks -- beyond the attackers?

Cyberattackers are to blame for ransomware attacks, but what about companies that release flawed software or don't install patches? Our expert looks at where the buck stops. Continue Reading

Learn to apply best practices and optimize your operations.

12 Microsoft 365 security best practices to secure the suite

Migrating to or operating cloud-based Microsoft 365 can bring with it a host of problems and misconfigurations. Check out 12 best practices to tighten Microsoft 365 security. Continue Reading
Best practices for threat modeling service mesh, microservices

In microservices and service mesh environments, communications don't follow static paths. As such, security teams must update their application threat modeling methods. Continue Reading
What is shellcode and how is it used?

Shellcode is a set of instructions that executes a command in software to take control of or exploit a compromised machine. Read up on the malware term and how to mitigate the risk. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Learn how to mitigate container security issues

The more companies embrace application containerization, the more they need to know about container security issues and attack prevention methods. Continue Reading
Adopting containers and preventing container security risks

When it comes to container security risks, organizations often worry about container escapes, but as expert Liz Rice explains, they should focus on prevention and patching. Continue Reading
3 steps to secure codebase updates, prevent vulnerabilities

Codebase updates are critical, but what about when they introduce vulnerabilities? These three steps will help app developers secure codebase updates and keep their apps safe. Continue Reading