The average Web application has slightly fewer flaws, but more than half continue to remain vulnerable 365 days a year, according to data from Web security firm WhiteHat Security.
Researchers have found that the latest SQLi hits to some organizations have come by way of a new hacking tool that has made it easier than ever for attackers to wage these exploits: via their smartphones.
Organizations made some improvements to their security posture last year, but only marginally, as the average time-to-fix is still too high and remediation rates are too low, according to the 12th annual application security statistics report from WhiteHat Security.
Does the DevSecOps approach make a difference when it comes to improving application security? According to this year’s 12th annual WhiteHat Security “Application Security Statistics Report,” it certainly does.
Despite the number of vulnerabilities found in a single Web application falling by 25% in 2016 over the previous year, the number of exploitable flaws remains too high, according to WhiteHat Security's 12th Annual Application Security Statistics Report released today.
Cross-site scripting (XSS), which occurs when cybercriminals insert malicious code into webpages to steal data or facilitate phishing scams, has been around almost since the dawn of the web itself.
Lack of resources is the biggest barrier for small businesses’ cybersecurity. So it’s not surprising that the U.S. Congress wants to help by making resources available. New legislation intends to help small businesses strengthen their security. But industry practitioners are skeptical about its impact.
The strain of malicious code, dubbed Petya (and often referred to as Petrwrap and NotPetya), was first spotted encrypting computers in Ukraine last week before reportedly infecting systems in Spain, Germany, Israel, the UK, the Netherlands and the US.
NotPetya, as this new threat was dubbed, is definitely made to look like Petya, and uses some of its code, but has its own specific characteristics.
A virulent new strain of ransomware named Petya wreaked havoc on some of the most-established companies in Europe and North America on Tuesday, capitalizing on the same vulnerabilities that froze hundreds of thousands of computers a month ago.