Web server threats and application attacks

In this resource guide get news and tips on Web server attacks, threats, and countermeasures. Learn how to secure your Web servers to prevent malicious hacker access and avoid DNS vulnerabilities.

New & Notable

Download this free guide

Your Guide to Info Sec Certifications

We’ve collected 30+ certifications for you. Which vendor-neutral and vendor-specific security certifications are best for you? Save time by downloading our list organized by experience level.

Corporate E-mail Address:
You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login.
You have exceeded the maximum character limit.
Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Web server threats and application attacks News

April 30, 2018 30 Apr'18
Attackers seek Oracle WebLogic vulnerability after faulty patch

The combination of a broken Oracle WebLogic vulnerability and available proof-of-concept exploit code has led threat actors to search for any servers that are at risk.
December 13, 2017 13 Dec'17
Return of Bleichenbacher: ROBOT attack means trouble for TLS

A team of security researchers discovered many vendors' TLS implementations are vulnerable to the Bleichenbacher oracle attack, which was first discovered 19 years ago.
October 31, 2017 31 Oct'17
Google Buganizer flaw reveals unpatched vulnerability details

A security researcher earned more than $15,000 by finding three flaws in the Google Issue Tracker, aka Buganizer, which revealed details on unpatched vulnerabilities.
October 05, 2017 05 Oct'17
Yahoo data breach found to affect all 3 billion users

Newly uncovered information indicated that all 3 billion users were affected by the 2013 Yahoo data breach, but Oath claimed passwords and credit card info was safe.

View All News

Web server threats and application attacks Get Started

Bring yourself up to speed with our introductory content

cross-site scripting (XSS)

Cross-site scripting (XSS) is a type of injection security attack in which an attacker injects data, such as a malicious script, into content from otherwise trusted websites. Continue Reading
CISSP Domain 6: The importance of security assessments and testing

Security assessment and testing should be baked into your regular IT workflows so that you’re able to spot software vulnerabilities before they turn into full-blown attacks. Continue Reading
How to manage HTTP response headers for IIS, Nginx and Apache

HTTP response header configuration files on servers need to be set up properly to secure sensitive data. Expert Judith Myerson outlines how to do this on different types of servers. Continue Reading

View All Get Started

Evaluate Web server threats and application attacks Vendors & Products

Weigh the pros and cons of technologies, products and projects you are considering.

Advanced Protection Program: How has Google improved security?

Google added a layer to its account security system with Advanced Protection Program. Matt Pascucci explains how individuals can better defend themselves from malicious actors. Continue Reading
DNS Security: Defending the Domain Name System

In this excerpt from chapter two of DNS Security: Defending the Domain Name System, authors Allan Liska and Geoffrey Stowe discuss why DNS security is important. Continue Reading
How can web shells be used to exploit security tools and servers?

A web shell from the JexBoss security tool was used to exploit servers through an unpatched JBoss vulnerability. Expert Michael Cobb explains how to prevent similar attacks. Continue Reading

View All Evaluate

Manage Web server threats and application attacks

Learn to apply best practices and optimize your operations.

How a Blizzard DNS rebinding flaw put millions of gamers at risk

A Blizzard DNS rebinding flaw could have put users of its online PC games at risk of attack. Expert Michael Cobb explains how a DNS rebinding attack works and what to do about it. Continue Reading
How can a Moxa MXview vulnerability be exploited by hackers?

A vulnerability was found in Moxa MXview -- a software used to visualize network devices and physical connections. Learn how this vulnerability can enable privilege escalation. Continue Reading
Typosquatting: How did threat actors access NPM libraries?

Typosquatting was used by threat actors to spread malware in the NPM registry. Learn from expert Nick Lewis how this method was used and what it means for users. Continue Reading

View All Manage

Problem Solve Web server threats and application attacks Issues

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Why the Bleichenbacher attack is still around

The Bleichenbacher attack got a new name after 20 years. Expert Michael Cobb reviews the ROBOT attack and discusses why it's still active this long after it emerged. Continue Reading
How did OurMine hackers use DNS poisoning to attack WikiLeaks?

The OurMine hacking group recently used DNS poisoning to attack WikiLeaks and take over its web address. Learn how this attack was performed from expert Nick Lewis. Continue Reading
Katyusha Scanner: How does it work via a Telegram account?

The Katyusha Scanner is based on the open source penetration test scanner Arachni. However, it has been modified to work through Telegram accounts. Nick Lewis explains how it works. Continue Reading

View All Problem Solve