Shellshock: The Shock Heard Around the World Wide Web

Shellshock reared its ugly head on September 24, 2014, when Stephane Chazelas discovered the bug that is also referred to as Bash Bug or Bashdoor. Its names come from the fact that this bug affects the Unix Bash shell, which provides an interface for the UNIX operating...

Security Misconfiguration

The fifth most critical web application security risk according to the 2013 Open Web Application Security Project (OWASP) Top 10 list is Security Misconfiguration.  This is only the second time it has made the list, starting in the sixth position on the 2010 list....

Insecure Direct Object References

Insecure Direct Object References have occupied the fourth spot of the Open Web Application Security Project (OWASP) Top 10 list of the most critical web application security risks since 2007; however, these flaws didn’t even make the list when it was first created in...

Broken Authentication and Session Management

Managing user names and passwords has become a cumbersome task in today’s internet-driven world. However, managing user names and passwords is a necessary evil with the rapid growth in data, advancements in mobile and cloud technologies and the increasing plethora of...