Independent hackers are the third pillar of security, which is often not treated seriously enough. Every business knows that to maintain security, you need the primary pillar: the right employees. Some businesses know that these employees also need the second pillar: the right tools such…

Read More →

Cybersecurity is a big business and it’s going to get bigger. Individual users, small business owners, and IT professionals at international corporations know that threats occur every day. Staying ahead of those threats is the only way to protect proprietary data, network integrity, and network…

Read More →

Security vulnerabilities in RESTful APIs (Application Programming Interfaces) introduce the same risks as security issues in websites and other web applications: sensitive data theft, manipulation, and more. Therefore, it is very important to know how to test them efficiently. However, some characteristics of REST APIs…

Read More →

Finding and proving application security vulnerabilities requires a lot of skill. However, many of them are easy to exploit. If you want to write better code, you should know how others may prey on your mistakes. We compiled a Top-10 list of web applications that…

Read More →

A buffer overflow vulnerability occurs when you give a program too much data. The excess data corrupts nearby space in memory and may alter other data. As a result, the program might report an error or behave differently. Such vulnerabilities are also called buffer overrun….

Read More →

WP Live Chat for WordPress is a very popular plugin used by many companies to provide online support. Currently, it has more than 50000 active installations. Very recently, researchers from Alert Logic found an authentication bypass vulnerability in this plugin. This vulnerability may be used…

Read More →

You are a developer. You put a lot of effort into making sure that your code is safe. You never trust user input, you use the best security-related development libraries. And then you make one small typo and everything is ruined. This is not fiction….

Read More →

The Low Orbit Ion Cannon (LOIC) is a tool that was developed by Praetox Technologies as a network stress testing application and then released into the public domain. This application is available as open source on Sourceforge.net and often used by malicious parties for DoS…

Read More →

A slow HTTP Denial of Service attack (DoS), otherwise referred to as the Slowloris HTTP attack, makes use of HTTP GET requests to occupy all available HTTP connections permitted by a web server. It takes advantage of a vulnerability in thread-based web servers, which wait…

Read More →

Black Hat, founded by Jeff Moss (Dark Tangent), is one of the biggest and best-known cybersecurity conferences in the world. Organized in the USA since 1997 and in Europe and Asia since 2000, it is perceived as aimed at the corporate world but it caters…

Read More →