What makes for great security? Is it about keeping the bad guys out or letting the good guys in? About defending attacks or preventing them? When IDG Research Services queried...
Need help eliminating risk in your IT environment? This ForwardView webshow describes how security appliances, which incorporate an array of security functions, can help you ward off security breaches without...
Having analyzed the global threat landscape for almost a decade, MessageLabs Team Skeptic™ is comprised of many world-renowned malware and spam experts who have a global view of threats across...
Organised ubiquity is a must for organisations to successfully "project" their users in any given landscape, at any given time, with security policy. This White Paper covers issues surrounding secure...
This white paper reviews the content security threat landscape and how it has evolved into a more dangerous and high-risk environment. The paper discusses how conventional content security approaches...
Anti-Automation defenses are critical in today's web application security landscape. Breach Security's product line is uniquely positioned to help organizations address these automated types of attacks. Only through the combination...
The Web Hacking Incident Database (WHID) is a project dedicated to maintaining a list of web application-related security incidents. The WHID's purpose is to serve as a tool for raising...
This paper shows how easy it is to penetrate the average website and gain information about the underlying database structures inside a network firewall. The notion of SQL injection isn't...
Brute force. Denial of service. Bot attacks. Are automated programs attacking the web applications? An overwhelming number of companies can't identify when automated attackers are threatening their system. This webcast...
Network IDS/IPS and first-generation Web Application Firewalls (WAFs) don't protect against today's sophisticated web application threats, such as cross-site scripting, injection flaws and other vulnerabilities listed on the OWASP Top...
SQL injections attack middleware and cause the SQL server to create a fake name and an address field in the middleware database where, for example, credit card details could be stored. Security expert Wray said although most companies are aware of...
This is a zero-day exploit that infects machines using SQL injections. It then performs an IP scan looking for other computers to infect and begins another process of SQL injections. MySpool, which runs a file called spoolcll.exe, enters MySQL...
The worm exploits three vulnerabilities to propagate: the XML-RPC for PHP Remote Code Injection vulnerability; the AWStats Rawlog Plugin Logfile Parameter Input Validation vulnerability; and Darryl Burgdorf's Webhints Remote Command Execution...
XSS is one of the top 10 web application vulnerabilities identified by the Open Web Application Security Project (OWASP), along with injection attacks and malicious file execution. Most security threats that affect web 2.0 are not new.
Kelly also said Facebook had come under attempted cross-site scripting (CSS) and SQL injection attacks, but that the security layer in Facebook's system was successful in intervening and notifying Kelly's security team of such attempts.
Techniques to compromise websites, including Iframe and SQL injection attacks, are becoming more ubiquitous, ScanSafe warned. The fastest-growing category of threats hosted on the sites was backdoor and password-stealing malware, which increased...