Collaborate Disseminate
Many organizations have cloud security on their minds going into 2022. In April 2021, for instance, Gartner predicted that global end-user spending on cloud management and security services would reach $18 million the following year. That’s a growth of 30% over the previous two years. The forecasts discussed above raise an important question. Where exactly […]
The post 3 Cloud Security Trends to Watch in 2022 appeared first on Security Intelligence.
Web app attacks against UK businesses have increased by 251% since October 2019, putting both organizations and consumers at risk, an Imperva reserach reveals. In a study of nearly 4.7 million web application-related cyber security incidents, Imperva R… Continue reading Web app attacks are skyrocketing, it’s time to protect APIs
Several days have passed since the dramatic reveal of CVE-2021-44228 (aka Log4Shell), an easily exploitable (without authentication) RCE flaw in Apache Log4j, a popular open-source Java-based logging utility that’s seemingly used by most enterpri… Continue reading Log4Shell update: Attack surface, attacks in the wild, mitigation and remediation
A critical zero-day vulnerability in Apache Log4j (CVE-2021-44228), a widely used Java logging library, is being leveraged by attackers in the wild – for now, fortunately, primarily to deliver coin miners. Reported to the Apache Software Foundati… Continue reading Critical RCE 0day in Apache Log4j library exploited in the wild (CVE-2021-44228)
Do you trust your cache? To meet the demands of the end-users and speed up content delivery, content caching by web servers and content delivery networks (CDN) has become a vital part of the modern web. To explain how this can create vulnerabilities when it comes to data security requires first asking another question. Namely, […]
The post Data Security: Defending Against the Cache Poisoning Vulnerability appeared first on Security Intelligence.
Continue reading Data Security: Defending Against the Cache Poisoning Vulnerability
Radware has published results from its report which provides an overview of the DDoS attack landscape, application attack developments, and unsolicited network scanning trends. “More DDoS attacks were blocked during the first nine months of 2021 than a… Continue reading Blocked DDoS events up 75% in the first nine months of 2021
The vast majority of organizations are increasing their investment in application security this year, but they continue to struggle to fully embrace secure innovation. A market study released by Invicti Security examines how companies are contending wi… Continue reading Organizations making security trade-offs in the push to innovate
The definitive OWASP Top 10 2021 list is out, and it shows that broken access control is currently the most serious web application security risk. How is the list compiled? “We get data from organizations that are testing vendors by trade, bug bo… Continue reading OWASP Top 10 2021: The most serious web application security risks
I recently was doing a pentest and was continuously looking up translations for words, and thought “there has to be a better way…”. That is when I landed on BurpelFish, which adds a google translate context option to your BurpSuite’s right click. When … Continue reading How to configure BurpelFish
A study by Fastly and ESG, based on insights from information security and IT professionals representing hundreds of organizations globally, revealed growing concerns around adequately securing the rapidly rising number of mission-critical cloud servic… Continue reading Application security tools ineffective against new and growing threats