Despite the number of vulnerabilities found in a single Web application falling by 25% in 2016 over the previous year, the number of exploitable flaws remains too high, according to WhiteHat Security's 12th Annual Application Security Statistics Report released today.
Cross-site scripting (XSS), which occurs when cybercriminals insert malicious code into webpages to steal data or facilitate phishing scams, has been around almost since the dawn of the web itself.
Lack of resources is the biggest barrier for small businesses’ cybersecurity. So it’s not surprising that the U.S. Congress wants to help by making resources available. New legislation intends to help small businesses strengthen their security. But industry practitioners are skeptical about its impact.
The strain of malicious code, dubbed Petya (and often referred to as Petrwrap, and Notpetya) was first spotted encrypting computers in Ukraine last week before reportedly infecting systems in Spain, Germany, Israel, the UK, Netherlands and the US.
NotPetya, as this new threat was dubbed, is definitely made to look like Petya, and uses some of its code, but has its own specific characteristics.
A virulent new strain of ransomware named Petya wreaked havoc on some of the most-established companies in Europe and North America on Tuesday, capitalizing on the same vulnerabilities that froze hundreds of thousands of computers a month ago.
With a skimmer and Bluetooth technology, crooks can intercept payment transaction details.
While tech skills are a must, successful DevOps engineers also possess the ability to collaborate, multi-task, and always put the customer first.
Here are 9 security certifications that can move your cybersecurity career ahead.
Know your risk, then look to use cases to understand what a security product actually does before you invest in anything.
In this age of destructive and fast-spreading malware, companies are giving whitelisting a second look -- and with cloud-based, peer-to-peer whitelists and reputation scoring, the technology now has a chance to be widely adopted.
Despite Microsoft rolling out a patch for a vulnerability almost two months prior, some companies hadn’t implemented the patch because they still needed to test it in their environment. But that lag is what left the UK’s National Health Service open to attack.