Read more about web application security
  • Persistent XSS flaw in SharePoint 2013 revealed, patched

    16.09.2015

    Among the vulnerabilities patched earlier this month by Microsoft is an important one that endangers users of Microsoft SharePoint 2013, a web application platform in the Microsoft Office server suite that combines a variety of capabilities (intranet, extranet, content management, document management, personal cloud, and so on). CVE-2015-2522 is a persistent cross-site scripting vulnerability that can be exploited by remote attackers, allowing them to do a lot of damage.

  • PayPal stored XSS vulnerability exposed

    03.09.2015

    Bitdefender researchers have located a stored XSS vulnerability in PayPal that leaves the e-payment service open for hackers to upload maliciously crafted files, capable of performing attacks on registered users of the service.

  • Open source Sleepy Puppy tool finds XSS bugs in target apps and beyond

    03.09.2015

    Since Monday, security pros can add another XSS-finding tool to their arsenal, as Netflix has open sourced their cross-site scripting payload management framework dubbed "Sleepy Puppy." Sleepy Puppy is meant to address the biggest problem with identifying omnipresent XSS issues: finding them not only on targeted applications, but also on others that are not available to the tester, but whose presence ultimately also endangers users.

  • How to get better at web application security

    24.08.2015

    Robert Hansen, Vice President of WhiteHat Security Labs, has more than 20 years of web application and browser security experience.

  • Script injection vulnerability discovered in Salesforce

    13.08.2015

    Elastica discovered an injection vulnerability in Salesforce which opened the door for attackers to use a trusted Salesforce application as a platform to conduct phishing attacks to steal end-users' login credentials and hijack accounts.




Spotlight

Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researchers from MIT CSAIL as well as security and distributed systems experts, is poised to shake things up in the user and entity behavior analytics market.


Thu, Feb 4th
    COPYRIGHT 1998-2016 BY HELP NET SECURITY.