In the headlines: David Jones and T-Mobile hack, remote code execution bugs, WinRAR vulnerability, and more

Australian department store David Jones victim of hack

Australian department store giant David Jones has informed customers, through a notice on their site, that they were recently hacked. However, they also assured account holders that no financial data had been breached and that there was no need to take any action. The Australian Federal Police […]

Read More →

SQLi – How it works (Part 1)

In this 6-part series on SQLi (SQL Injection) we describe the vulnerability and its variants, showing how it works and what an attacker can do with it. SQL injection (SQLi) refers to an injection attack wherein an attacker can execute malicious SQL statements (also commonly referred to as a malicious payload) that […]

Read More →

In the headlines: South Korea’s cyber attacks, DHS networks, Adobe Shockwave Player and more

South Korea has had over 110,000 cyber attacks in the last 5 years

A recently released report has revealed that South Korean government agencies were subject to over 114,000 cyber attacks in the last five years. The report, compiled using data from the National Computing and Information Agency, shows that the departments targeted most frequently […]

Read More →

XSS in Google Feedburner

A fundamental aspect of web applications that developers should bear in mind is securing the input supplied by the user. Often, through lack of attention or understanding, programmers skip reviewing the code, resulting in security breaches which, when exploited, represent a threat to the confidentiality of the users’ data and […]

Read More →

Cross-site Scripting and its variants explained

Cross-site Scripting (XSS) has been making the Top 5 list of exploitable vulnerabilities since it was first discovered way back in the 1990s. The term XSS refers to a client-side code injection attack wherein an attacker can execute malicious scripts in a legitimate website or web application. XSS is notoriously amongst the most rampant of […]

Read More →

What preventive steps can SMEs take to reduce the chance of cyber-attack?

Every week the headlines carry news of high-profile cyber-attacks; in fact, every day cyber criminals compromise thousands of websites – often without the site owner knowing. A recent study of 15,000 websites found nearly half contained a ‘high-severity’ vulnerability waiting to be exploited (Acunetix Web Application Vulnerability Report 2015). The sad fact is that […]

Read More →