This post was originally published on the AppSec-Labs blog. As you may have heard it was recently advertised that AliExpress, one of the world’s largest online shopping websites, was found to have substantial security shortcomings. As one of the people who discovered the Cross-Site Scripting (XSS) vulnerability, I would like to discuss and elaborate
Application security has become a huge challenge for IT companies worldwide. More and more exploits, causing widespread financial and technical damage, are being reported on almost a daily basis. While primarily taking these security issues head-on, Checkmarx is also providing an interactive solution to promote secure coding standards within organizations.
Many applications today possess critical vulnerabilities – SQL injections (SQLi), Cross Site Scripting (XSS) and Cross Site Request Forgery (CSRF) being just a few of them. The first step in combating these security issues is getting to know how they work and learning about them from real life scenarios. Unfortunately, not all developers today are familiar with the
The Android platform has taken the world by storm in recent years. It was announced at Google’s recent 2014 I/O developer conference that over 538 million Android devices are currently in use worldwide. Android has now leapfrogged Apple’s iOS in the US, where it currently has almost 52% of the smartphone market share.
How do security researchers stay motivated and interested? For some of us, it seems like one XSS flaw or SQL injection would look exactly like the next, but the thrill of discovering these security vulnerabilities is more than enough to keep the fire going for some researchers. Osanda Malith Jayathissa, a security researcher and graduate