One hundred percent—all of the applications Positive Technologies tested—had some kind of vulnerability. You might think, “Yeah, but how many of those were real, critical vulnerabilities?” Well, ninety-four percent of web applications tested contained a high-severity software flaw. Eighty-five percent of those same applications contained at least one confirmed, exploitable vulnerability.
Software Exploits
Predicted web application vulnerabilities and cybersecurity trends for 2019
Web application attacks are on the rise. A recent study found that they were the primary cause of reported breaches in 2017 and Q1 2018. This marked increase is partly due to the greater variety in web application vulnerabilities, as new attack vectors are found and exploited.
Don’t leave security behind in your CI/CD environment
Continuous Integration (CI) and Continuous Delivery (CD), or CI/CD, are part of the Agile approach to software development. The most prominent aspect of Agile development—and its most important rule—is that it requires software development to be responsive to change through an iterative process.
Here we go again with another Android vulnerability
Many Android devices are susceptible to “Android Installer Hijacking” attacks that have the potential to compromise devices and give illegitimate apps access to sensitive data. This type of attack exploits a vulnerability called “Time-of-Check to Time-of-Use...
Shellshock: The Shock Heard Around the World Wide Web
Shellshock reared its ugly head on September 24, 2014 when Stephane Chazelas discovered the bug that is also referred to as Bash Bug or Bashdoor. Its name(s) comes from the fact that this bug affects the Unix Bash shell, which provides an interface for the UNIX operating...
Staples’ Data Breach is a Duplicate of Exploits at Other Major Retailers
A pattern is definitely starting to become apparent in recent data breaches. It starts with banks discovering fraudulent activity on their customers’ credit cards and informing security expert and investigative reporter, Brian Krebs, of KrebsonSecurity.com. He then...
Drupal Websites in Distress after SQL Injection Attacks
More than one million websites are running on Drupal worldwide. So when a security threat is announced regarding this popular open-source content management platform, website administrators around the globe start to scramble. Websites such as the San Francisco...
Attention Kmart Shoppers: Your Data Has Been Breached
The discount retailer known for their Blue Light Specials has been added to the increasingly long list of companies in 2014 that have experienced serious data breaches. On October 9, 2014 Kmart’s IT team discovered that its payment data systems were hacked. They...
Dairy Queen Swept Up in Blizzard of Data Breaches
Known for its delicious frozen treats, the Dairy Queen restaurant chain joins the unenviable group of major retailers that has been hacked. On October 9, 2014, the same day Kmart announced its data breach, Dairy Queen notified its customers that 394 of its 4,500...