OWASP Top 10 web application security risks

The OWASP Top 10 2017 is a list of the most significant web application security risks. How are you addressing these top 10 web app vulnerabilities? The Open Web Application Security Project (OWASP) is a nonprofit community of software developers,…

It’s past time to pay much more attention to API security

Organizations manage 363 APIs, on average. But vulnerable APIs can expose your data to anyone who knows how to ask for it. API security starts with the basics. The original version of this post was published in Forbes. It’s obvious that just abou…

The Changing Face of Web Application Security

We all understand that security is driven by balancing risk with compliance requirements, and protecting important assets while minimizing the financial cost, but recent developments suggest that a shift in emphasis is occurring within web application…

Credential Stuffing Campaign Targets Financial Services

Over the last few weeks, Radware has been tracking a significant Credential Stuffing Campaign targeting the financial industry in the United States and Europe. Background Credential Stuffing is an emerging threat in 2018 that continues to accelerate a…

Tumblr Patches A Flaw That Could Have Exposed Users’ Account Info

Tumblr today published a report admitting the presence of a security vulnerability in its website that could have allowed hackers to steal login credentials and other private information for users’ accounts.

The affected information included users ema…

IIS attacks surge from 2,000 to 1.7 million over last quarter

IIS, Drupal, and Oracle WebLogic web technologies experienced increased attacks in Q2 2018. According to a new threat report from eSentire, IIS attacks showed a massive increase, from 2,000 to 1.7 million, since last quarter. Exploit campaigns observed…

DevOps and digital transformation initiatives are creating insecure apps

WhiteHat Security released its 2018 Application Security Statistics Report, “The Evolution of the Secure Software Lifecycle,” which identifies the security vulnerabilities and challenges introduced into the enterprise through traditional applications, …

The ultimate fallout from the Facebook data breach could be massive

Less than a week ago, Facebook announced that unknown attackers have managed to string together three bugs affecting the social media platform, which allowed them to steal access tokens of at least 50 million users – and likely more. The tokens a…

Are Your Applications Secure?

Executives express mixed feelings and a surprisingly high level of confidence in Radware’s 2018 Web Application Security Report. As we close out a year of headline-grabbing data breaches (British Airways, Under Armour, Panera Bread), …