Web server threats and application attacks
In this resource guide get news and tips on Web server attacks, threats, and countermeasures. Learn how to secure your Web servers to prevent malicious hacker access and avoid DNS vulnerabilities.
Top Stories
-
News
06 Oct 2021
Apache HTTP Server vulnerability under active attack
Security experts are urging administrators to update their installations of Apache HTTP Server following the disclosure of a zero-day vulnerability that had been under attack. Continue Reading
-
News
16 Jun 2021
Zscaler: Exposed servers, open ports jeopardizing enterprises
Zscaler analyzed 1,500 networks and found administrators are leaving basic points of entry wide open for attackers as neglected servers are falling by the wayside. Continue Reading
-
News
06 Oct 2021
Apache HTTP Server vulnerability under active attack
Security experts are urging administrators to update their installations of Apache HTTP Server following the disclosure of a zero-day vulnerability that had been under attack. Continue Reading
-
News
16 Jun 2021
Zscaler: Exposed servers, open ports jeopardizing enterprises
Zscaler analyzed 1,500 networks and found administrators are leaving basic points of entry wide open for attackers as neglected servers are falling by the wayside. Continue Reading
-
Definition
26 Apr 2021
Tor browser
The Tor (the onion routing) browser is a web browser designed for anonymous web surfing and protection against traffic analysis. Continue Reading
-
Tip
31 Jul 2020
How to mitigate an HTTP request smuggling vulnerability
Exploiting an HTTP request smuggling vulnerability can result in the inadvertent execution of unauthorized HTTP requests. Learn how to defend web environments from this attack. Continue Reading
-
News
27 Jul 2020
Digital ad networks tied to malvertising threats -- again
Adsterra and Propeller Ads were implicated in past malvertising threats such the Master134 campaign. Now the two ad networks are linked to new malicious activity. Continue Reading
-
Tip
29 Apr 2020
SSL certificate best practices for 2020 and beyond
SSL/TLS security is continuously improving, and there are steps site owners should take to ensure the safety of their SSL certificates, websites and users. Read on to learn more. Continue Reading
-
Tip
25 Mar 2020
How to prevent buffer overflow attacks
Read up on types of buffer overflow attacks, and learn secure coding best practices that prevent such vulnerabilities, as well as post-deployment steps to keep apps and websites safe. Continue Reading
-
Feature
27 Feb 2020
Windows IIS server hardening checklist
Use this handy Windows IIS server hardening checklist on the job to ensure your IIS server is deployed safely and stays secure in use. Continue Reading
-
News
13 Jan 2020
Signal Sciences: Enterprises still overlooking web app security
Signal Sciences co-founder and CEO Andrew Peterson explains why web application security often gets shortchanged and what his next-gen WAF company is doing to change that. Continue Reading
-
Tip
02 Oct 2019
How can DNS privacy issues be addressed?
Learn two techniques for improving end-user DNS privacy protection that prevent DNS from exposing information about websites users visit and the people users communicate with. Continue Reading
-
News
24 Sep 2019
Cloudflare battles malicious bots with 'fight mode'
Cloudflare takes its first steps in keeping malicious bots from attacking customers by using complex challenges to waste a bot's CPU resources in an attempt to disincentivize more bots. Continue Reading
-
News
29 May 2019
Hackers scan for MySQL ransomware targets
A security researcher found that malicious actors have been scanning database servers for MySQL ransomware targets running on Windows, but mitigation should be relatively easy. Continue Reading
-
News
19 Apr 2019
DNS hijacking campaign targets national security organizations
A DNS hijacking campaign targeting national security organizations and critical infrastructure may be part of a new trend, according to the researchers behind recent attacks. Continue Reading
-
News
16 Apr 2019
Microsoft disputes Outlook data breach report
Microsoft warned Outlook users who may have had data compromised in an attack using customer support login credentials to access account information over the course of months. Continue Reading
-
News
04 Apr 2019
Pipdig WordPress plugin accused of DDoS attacks and backdoors
Pipdig, a blog theme and plugin company, was accused of using obfuscated code to gain backdoor access to customer blogs and launch low-scale DDoS attacks on rivals. Continue Reading
-
News
03 Apr 2019
Proof-of-concept Magento exploit used in attacks
Experts are urging users to patch after a proof-of-concept Magento exploit was picked up by malicious actors and used in attempted attacks on e-commerce websites. Continue Reading
-
Feature
28 Mar 2019
Symantec Web Security Service vs. Zscaler Internet Access
Learn how cloud-based secure web gateway products Symantec Web Security Service and Zscaler Internet Access compare when it comes to features, benefits, pricing and support. Continue Reading
-
News
01 Mar 2019
Coinhive shutdown imminent after troubled cryptomining past
The Coinhive cryptominer is scheduled to be shut down following a troubled history and experts don't think the company gave the full story as to why the shutdown is happening. Continue Reading
-
News
27 Feb 2019
MarioNet attack exploits HTML5 to create botnets
Researchers created a new browser-based attack, called MarioNet, that exploits an HTML5 API and can create botnets even after a browser tab is closed or a target navigates away. Continue Reading
-
News
13 Feb 2019
Dunkin' security alert warns of new credential-stuffing attacks
Dunkin' sent a security alert to customers warning of potentially malicious access of accounts due to the second credential stuffing attack in less than three months. Continue Reading
-
Answer
13 Feb 2019
How did Browser Reaper cause browsers to crash?
A Mozilla vulnerability duplicated in the Browser Reaper set of DoS proofs of concept caused Chrome, Firefox and Safari to crash. Learn why and how this occurred. Continue Reading
-
News
29 Jan 2019
Dailymotion credential stuffing attacks lasted more than 6 days
Video-sharing website Dailymotion reset passwords for an unknown number of users following 'large-scale' credential stuffing attacks that lasted for more than six days before being stopped. Continue Reading
-
News
25 Jan 2019
DNS hijack attacks lead to government directive from DHS
Following a string of DNS hijack attacks around the globe, the Department of Homeland Security has directed federal agencies to harden defenses against DNS tampering. Continue Reading
-
Answer
18 Jan 2019
Java deserialization attacks: What are they and how do they work?
The TP-Link EAP Controller for Linux was recently found to be vulnerable to attacks. Learn from Judith Myerson what this means for users and how it can be prevented. Continue Reading
-
News
11 Jan 2019
Iran implicated in DNS hijacking campaign around the world
FireEye researchers investigating a DNS hijacking campaign against governments and telecom companies said those who are potential targets of Iran should take precautions. Continue Reading
-
News
10 Jan 2019
UnCAPTCHA attack updated to bypass spoken phrases
Researchers updated their unCAPTCHA proof of concept to be more efficient in bypassing audio CAPTCHAs and be able to handle spoken phrases and not just strings of numbers. Continue Reading
-
News
20 Dec 2018
Twitter bugs expose user data and direct messages
Two Twitter bugs led to questions about the platform's user privacy and security, while the company said one of the bugs opened the door to possible state-sponsored attacks. Continue Reading
-
News
11 Dec 2018
Second Google+ data exposure leads to earlier service shutdown
Another Google Plus data exposure -- this time potentially affecting more than 52 million users -- will cause the service to be shut down four months earlier than scheduled. Continue Reading
-
News
27 Nov 2018
USPS website flaw exposed data for one year
The U.S. Postal Service inadvertently exposed the data of 60 million users and has only just fixed the underlying website flaw, despite being notified of the issue one year ago. Continue Reading
-
News
16 Nov 2018
Google BGP route leak was accidental, not hijacking
Despite early speculation, experts concluded the BGP route leak that sent Google traffic through China and Russia was due to an accidental misconfiguration and not malicious activity. Continue Reading
-
Tip
15 Nov 2018
How to configure browsers to avoid web cache poisoning
Web cache poisoning poses a serious threat to web browser security. Learn how hackers can exploit unkeyed inputs for malicious use with expert Michael Cobb. Continue Reading
-
News
05 Nov 2018
As PHP v5 nears its end, enterprises face serious threats
The majority of websites still use the outdated PHP v5, according to recent data, causing concern over the fact that it will stop receiving security support at the end of the year. Continue Reading
-
Answer
26 Oct 2018
How was Kea DHCP v1.4.0 affected by a security advisory?
Kea, an open source DHCP server, was issued a medium security advisory for a flaw that causes memory leakage in version 1.4.0. Discover the workarounds with Judith Myerson. Continue Reading
-
News
23 Oct 2018
Healthcare.gov breach exposes data on 75,000 people
Malicious actors attacked a back-end insurance system and the resulting Healthcare.gov breach exposed an unknown amount of data on 75,000 people. Continue Reading
-
News
10 Oct 2018
Google security audit begets product changes, German probe
A Google security audit uncovered a glitch in Google Plus that exposed data from nearly 500,000 accounts, causing the company to shutter the social network and spur a German data protection probe. Continue Reading
-
News
27 Sep 2018
Congressional websites need to work on TLS
Congressional websites may not always have the best security, according to Joshua Franklin. Although, senators may be better at website security than House representatives. Continue Reading
-
News
27 Sep 2018
Election website security a mess for states and candidates alike
Joshua Franklin has been researching election website security for congressional candidates, and he found a lot of misconfigurations on official pages and other sites meant to confuse voters. Continue Reading
-
Tip
27 Sep 2018
Why communication is critical for web security management
Conveying the importance of web security to management can be difficult for many security professionals. Kevin Beaver explains how to best communicate with the enterprise. Continue Reading
-
News
07 Sep 2018
Misconfigured Tor sites leave public IP addresses exposed
The anonymity of Tor is once again under scrutiny, as a researcher finds misconfigured Tor sites can expose the public IP address connected to a dark web site. Continue Reading
-
Answer
07 Sep 2018
How does a WDC vulnerability put hardcoded passwords at risk?
Several vulnerabilities were found in Western Digital's My Cloud, including one that affects the default hardcoded password. Learn how to avoid such risks with expert Nick Lewis. Continue Reading
-
Answer
23 Aug 2018
How can a 13-year-old configuration flaw affect SAP systems?
Cybersecurity vendor Onapsis found a 13-year-old flaw that affects nine out of 10 SAP NetWeaver systems. Learn how the flaw affects SAP systems with expert Judith Myerson. Continue Reading
-
News
10 Aug 2018
Web cache poisoning attacks demonstrated on major websites, platforms
PortSwigger's James Kettle doesn't believe web cache poisoning is theoretical and to prove it, he demonstrated several attacks on major websites and platforms at Black Hat 2018. Continue Reading
-
Answer
23 Jul 2018
How did a Navarino Infinity flaw expose unauthenticated scripts?
Navarino Infinity, a satellite communication system, found and fixed a flaw that exposed an unauthenticated script. Discover what threats this flaw enabled with Judith Myerson. Continue Reading
-
News
13 Jul 2018
Ticketmaster breach part of worldwide card-skimming campaign
News roundup: The Ticketmaster breach was part of a massive digital credit card-skimming campaign. Plus, the U.K. fined Facebook over the Cambridge Analytica scandal, and more. Continue Reading
-
Answer
28 Jun 2018
How can a text editor plug-in enable privilege escalation?
Developers use text editors to enhance efficiency in the workplace even though they require vulnerable third-party plug-ins. Discover these vulnerabilities with Judith Myerson. Continue Reading
-
News
30 Apr 2018
Attackers seek Oracle WebLogic vulnerability after faulty patch
The combination of a broken Oracle WebLogic vulnerability and available proof-of-concept exploit code has led threat actors to search for any servers that are at risk. Continue Reading
-
Tip
05 Apr 2018
How a Blizzard DNS rebinding flaw put millions of gamers at risk
A Blizzard DNS rebinding flaw could have put users of its online PC games at risk of attack. Expert Michael Cobb explains how a DNS rebinding attack works and what to do about it. Continue Reading
-
Answer
27 Mar 2018
How can a Moxa MXview vulnerability be exploited by hackers?
A vulnerability was found in Moxa MXview -- a software used to visualize network devices and physical connections. Learn how this vulnerability can enable privilege escalation. Continue Reading
-
Tip
01 Mar 2018
Why the Bleichenbacher attack is still around
The Bleichenbacher attack got a new name after 20 years. Expert Michael Cobb reviews the ROBOT attack and discusses why it's still active this long after it emerged. Continue Reading
-
Answer
23 Feb 2018
How did OurMine hackers use DNS poisoning to attack WikiLeaks?
The OurMine hacking group recently used DNS poisoning to attack WikiLeaks and take over its web address. Learn how this attack was performed from expert Nick Lewis. Continue Reading
-
Answer
22 Feb 2018
Typosquatting: How did threat actors access NPM libraries?
Typosquatting was used by threat actors to spread malware in the NPM registry. Learn from expert Nick Lewis how this method was used and what it means for users. Continue Reading
-
Answer
01 Feb 2018
Katyusha Scanner: How does it work via a Telegram account?
The Katyusha Scanner is based on the open source penetration test scanner Arachni. However, it has been modified to work through Telegram accounts. Nick Lewis explains how it works. Continue Reading
-
Tip
30 Jan 2018
Cryptojacking: How to navigate the bitcoin mining threat
Due to the rising value of bitcoin and other cryptocurrency, hackers have started to use cryptojacking to mine bitcoin. Learn what this means for end users with expert Nick Lewis. Continue Reading
-
Tip
18 Jan 2018
How HTTP security headers can defend enterprise systems
HTTP security headers that have the right configurations can be used as defense methods against cyberattacks. Expert Judith Myerson outlines how to use headers this way. Continue Reading
-
Answer
16 Jan 2018
Advanced Protection Program: How has Google improved security?
Google added a layer to its account security system with Advanced Protection Program. Matt Pascucci explains how individuals can better defend themselves from malicious actors. Continue Reading
-
Security School
19 Dec 2017
CISSP Domain 6: The importance of security assessments and testing
Security assessment and testing should be baked into your regular IT workflows so that you’re able to spot software vulnerabilities before they turn into full-blown attacks. Continue Reading
-
News
13 Oct 2017
Equifax website hack blamed on drive-by download attack
Security researchers find drive-by download attacks affecting both Equifax and TransUnion, but Equifax claims systems were not compromised in the website hack. Continue Reading
-
Answer
12 Oct 2017
How can hackers use subtitle files to control endpoint devices?
New media player vulnerabilities have been exposed that enable hackers to use subtitle files to control devices. Expert Judith Myerson explains how this happens. Continue Reading
-
Tip
11 Oct 2017
Addressing web server vulnerabilities below the application layer
Web application security is crucial, but enterprises also need to look below that layer for weaknesses. Kevin Beaver explains how to look for common web server vulnerabilities. Continue Reading
-
News
05 Oct 2017
Yahoo data breach found to affect all 3 billion users
Newly uncovered information indicated that all 3 billion users were affected by the 2013 Yahoo data breach, but Oath claimed passwords and credit card info was safe. Continue Reading
-
Answer
25 Sep 2017
How does a Magento Community Edition flaw allow remote attacks?
As the Magento Community Edition suffers a new zero-day vulnerability, expert Nick Lewis explains how it's being exploited and how to mitigate the cross-site request forgery flaw. Continue Reading
-
News
15 Sep 2017
Apache Struts vulnerability blamed for Equifax data breach
Equifax has confirmed an unpatched critical Apache Struts vulnerability was exploited in the breach that compromised the personal data of 143 million U.S. citizens. Continue Reading
-
Feature
01 Sep 2017
HTTPS interception gets a bad rap; now what?
Should products intercept Transport Layer Security connections to gain visibility into network traffic? A new study by researchers and U.S.-CERT warn against it. Continue Reading
-
Opinion
01 Sep 2017
A damaging spring of internet worms and poor performance
Security is a hot topic for media outlets that report on stock markets as companies founder on corporate earnings. The financial fallout of global malware is a call to action. Continue Reading
- 28 Aug 2017
-
Tip
13 Jul 2017
How to detect preinstalled malware in custom servers
Preinstalled malware was reportedly found by Apple in its custom servers. Expert Nick Lewis explains how enterprises can protect themselves from encountering similar issues. Continue Reading
-
Tip
09 May 2017
How to identify and address overlooked web security vulnerabilities
Certain web security vulnerabilities evade detection due to oversight or carelessness. Expert Kevin Beaver discusses the top overlooked issues and how to address them. Continue Reading
-
News
04 May 2017
Google Docs phishing attack grants attacker full Gmail access
A Google Docs phishing attack abused OAuth to give malicious actors full access to a victim's Gmail account and contacts, but Google claims to have blocked the attacks. Continue Reading
-
Podcast
03 Mar 2017
Risk & Repeat: Cloudflare bug poses incident response challenges
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the recent Cloudflare bug that leaked an undetermined amount of customer data over several months. Continue Reading
-
News
03 Mar 2017
Cloudflare security team calms fears over Cloudbleed bug
Cloudflare security researchers continue investigations as CEO calms fears over potential exposure of sensitive personal data by the Cloudbleed bug, though doubts remain. Continue Reading
-
News
24 Feb 2017
Project Zero discovers Cloudflare bug leaking sensitive customer data
The Cloudflare bug in CDN is fixed after causing sensitive customer data to leak. Google Project Zero discovered the flaw, and users were warned to change passwords. Continue Reading
-
Tip
21 Apr 2016
Breaking down the DROWN attack and SSLv2 vulnerability
A DROWN attack can occur through more than a third of all HTTPS connections. Expert Michael Cobb explains how DROWN enables man-in-the-middle attacks and mitigation steps to take. Continue Reading
-
News
20 May 2015
Google changes Chrome extension policy amid security concerns
Google's new Chrome extension policy mandates that all users and developers must install web browser extensions from the Chrome Web Store. Continue Reading
-
Feature
21 Apr 2014
Investigating Internet Crimes: An Introduction to Solving Crimes in Cyberspace
This is an excerpt from the book Investigating Internet Crimes: An Introduction to Solving Crimes in Cyberspace by Todd G. Shipley and Art Bowker. Continue Reading
-
News
15 Nov 2011
Podcast: Inside the DNS Changer botnet takedown
Security Wire Weekly podcast: Trend Micro Advanced Threats Researcher Paul Ferguson discusses how the DNS Changer botnet takedown happened and why an even more dangerous botnet era may be beginning. Continue Reading
-
Answer
02 Jun 2010
Secure DMZ Web server setup advice
Network security expert Anand Sastry describes how to ensure a secure DMZ Web server setup involving network attached storage (NAS). Continue Reading
-
Answer
09 Apr 2007
How can hackers bypass proxy servers?
Hackers are bypassing proxy servers all the time and doing so for a variety of reasons. In this SearchSecurity.com expert Q&A, Ed Skoudis points out the holes in your protective filtering tools. Continue Reading
