Threat report details how malicious actors exploit weaknesses to breach systems and offers prevention tips for the new year
Santa Clara, Calif., Jan. 16, 2019 – WhiteHat Security, the leading application security provider committed to securing digital business, today released new threat research titled Top 10 Application Security Vulnerabilities of 2018, detailing the most common web exploits used by malicious attackers during the past 12 months. This research will educate the market on avoiding hacks, like those that affected British Airways, Ticketmaster, the United States Postal Service (USPS) and more, due to these vulnerabilities and includes valuable prevention tips for enterprises to implement in the new year.
Examples of Top Application Vulnerabilities for 2018:
1. jQuery File Upload RCE – CVE-2018-9206
jQuery File Upload is a popular open source package that allows users to upload files to a website – however, it can be abused by creating a shell that is uploaded to run commands on the server. This vulnerability can be traced back to 2015, and all versions prior to 9.22.1 are vulnerable.
3. WordPress DoS – CVE-2018-6989
In 2018, WhiteHat analyzed and validated several million attack vectors across multiple market sectors. The WhiteHat Security platform is powered by a combination of automation, artificial and human intelligence to ensure that only actionable security threats are reported to its customers.
The Top 10 Application Security Vulnerabilities of 2018 reflect a combination of observed trends from the WhiteHat Security vulnerability data lake and the active customer feedback on the threats across their enterprise application portfolio.
To read the complete Top 10 Application Vulnerabilities of 2018 report, and see the recommendations for remediation, visit: https://www.whitehatsec.com/blog/whitehat-security-top-10-application-security-vulnerabilities-of-2018/
About WhiteHat Security
WhiteHat Security has honed its 17 years of experience in the application security space to provide developers with the tools and services they need to write and deliver the most secure software at the speed of business. The award-winning WhiteHat Application Security Platform, which has been featured on the Gartner Magic Quadrant for Application Security Testing for the last five years, is empowering true DevSecOps by continuously assessing the risk for organizations’ software assets and helping them to embed security throughout–and beyond– the software life cycle (SLC). The company is based in San Jose, California, with regional offices across the U.S. and Europe. For more information on WhiteHat Security, please visit www.whitehatsec.com, and follow us on Twitter, LinkedIn and Facebook.