What’s HOT in Application Security Vol#12

90% of all Custom Built Web Application are Wide OpenApplication Security News ImageA�for Attacks!

An astounding 86% of custom built websites are said to have vulnerabilities, said a report issued last week by an American IT company. Nearly 90% of all custom designed web applications tested found positive SQL Injection leaks.


An SQL Injection weakness will allow a potential hacker to compromise the back-end of an application by entering commands, under the guise of being a legitimate query. Generally speaking, these hackers do so with an attempt to get their hands on some seriously sensitive data- personal, credit card data. The SQL Injection business is a million dollar industry and is the thorn in the side of anyone whoa��s creating custom designed web applications.
What can you do to protect your firm?A�Dona��t let your employees go wild creating custom web applications without testing the code during the development state; such a mistake is all too often costly and timely for the company.A�How much is an SQL Injection or other web vulnerability worth protecting against?A�The answer to that is; what price do you put on your reputation?

For more information please go to:
http://www.computing.co.uk/ctg/news/2173851/custom-built-web-applications-vulnerable-attack

Small Businesses are the Biggest Victims when it comes to Hackers

Small and Mid-size businesses already have a serious disadvantage when it comes to Web Application Security when compared to the Big Firms. A Global bank will probably have an entire team dedicated to working round the clock securing the data doing everything from firewalls and Source Code Analysis to Network Security and physical Security. In a small business, the Security may be just one string on an IT executives bow. That lack of manpower and funding leaves the midsize and small business at a serious disadvantage from the start.

If you are the owner of a small business, or you are the one who is responsible for the security in a midsize business, what resources should you exploit to get the best information security coverage?
InfoSecurity said that it is a�?much more important for midsize businesses to make sure that any databases are secure and the code that processes database procedures is checked for any security flawsa��

For more information please go to:
http://midsizeinsider.com/en-us/article/sql-injection-attacks-smbs-are-the-most

Blog Giant WordPress finally addresses its plethora of Vulnerabilities

The word a�?bloga�� and a�?wordpressa�� are pretty much synonymous. Unfortunately for wordpress ita��s also synonymous with web vulnerabilities and bugs. These days, ita��s not just small blog owners who rely heavily on wordpress, many charities and companies also use wordpress as the main face of their internet presence.
The latest version of wordpress is said to be free of the old XSS vulnerabilities. Unfortunately, WordPress sites have previously been the subject of mass attacks in which attackers compromise those sites and infecting visitors using drive-by downloads.

For more information please go to:
http://threatpost.com/en_us/blogs/new-version-wordpress-fixes-slew-security-bugs-042312

FBI seeks unrestricted access to social medias!

An increasing number of people and companies are favoring to communicate via email, instant messaging, video conferencing, tweeting and other social networks rather telephone or face to face meetings. This is making it much harder for the FBI to wiretap Americans suspected of illegal activities. Is it ethical to violate the privacy of citizens to ensure homeland security?

http://blogs.cio.com/web-20/17066/fbi-wants-wiretap-social-media-sites-it-fair

Attackers are going after students using mobile devices

The shift in mobile use amongst students on campus is attracting attackers and ita��s no wonder; ita��s much easier to hack into students using android and mobile devices than the traditional computer or MAC. The IT staff at the University of California State claims that the university experiences approximately 50,000 separate cyber-attacks on a weekly basis.

The aim of the attack is to gain access to any mobile device which is on the university network. For more information please go to;

http://news.idg.no/cw/art.cfm?id=84E71D43-B7CE-613B-4CC8E1918CD5EB80

Public misconception regarding outsourcing

The economy has taken a bashing in the last few years. Many Americans have expressed their anger over IT outsourcing. There also appears to be many conflicting arguments about what outsourcing actually is. According to survey that was held amongst 2,053 UK citizens 80% of the population mistake outsourcing for offshore projects.

58% of the participants thought that outsourcing was a word used to describe call centers in India and 65% associated it with cost-cutting or job losing.

Surprisingly only 27% knew that a company that provides IT support is an example of outsourcing.

http://news.idg.no/cw/art.cfm?id=83B3094A-CBD8-D318-5B629DB5FD0F3CD1

The following two tabs change content below.

Administrator

Latest posts by Administrator (see all)

Jump to Category