What Is Broken Link Hijacking
Broken link hijacking (BLH) is a type of web attack. It exploits external links that are no longer valid. If your website or web application uses resources loaded from external URLs or points to such resources and these resources are no longer there (for example... Read more The post What ... Read More
DevSecOps: How To Get There from DevOps
DevSecOps is a practice that merges the work done by development (Dev), security (Sec), and IT operations teams (Ops) to deliver the most efficient and effective software development practices. But why is it still so rare? Let us take a look at the difficulties of... Read more The post DevSecOps: ... Read More
SQL Injection Cheat Sheet for Developers
In this cheat sheet, we will assume that: You are a developer or you know programming You have limited web application security knowledge You need to know how SQL injection attacks happen You need to know how to fix SQL injection issues in your code... Read more The post SQL ... Read More
Web System Hardening in 5 Easy Steps
To harden a computer system means to make it more difficult for a malicious hacker to attack. In formal terms, system hardening means reducing the attack surface – the attack surface is the combination of all the points where an attacker may strike. Many computer... Read more The post Web ... Read More
nginx Security: How To Harden Your Server Configuration
Currently, nginx is the most popular web server, recently beating Apache. It is lightweight, fast, robust, and supports all major operating systems. It is the web server of choice for Netflix, WordPress.com, and other high traffic sites. An nginx server can easily handle 10,000 inactive... Read more The post nginx ... Read More
What Is Website Security – How To Protect Your Website from Hacking
You protect your every office computer with an antivirus. You install firewalls to prevent unwanted access to your network. But what do you do to protect your website? And what can happen if it’s not protected? This article is aimed at website owners that are... Read more The post What ... Read More
What Is the BEAST Attack
BEAST stands for Browser Exploit Against SSL/TLS. It is an attack against network vulnerabilities in TLS 1.0 and older SSL protocols. The attack was first performed in 2011 by security researchers Thai Duong and Juliano Rizzo but the theoretical vulnerability was discovered in 2002 by... Read more The post What ... Read More
Most Common Security Vulnerabilities – Acunetix Web Application Vulnerability Report 2020
Every year, Acunetix brings you an analysis of the most common web security vulnerabilities and network perimeter vulnerabilities. Our annual Web Application Vulnerability Report is based on real data taken from Acunetix Online. We randomly select websites and web applications protected using our software, anonymize... Read more The post Most ... Read More
Even the Mightiest Fall: An SQL Injection in Sophos XG Firewall
Do you really think you are safe from web vulnerabilities or that they are just minor problems? A few days ago Sophos, one of the world’s most renowned security companies, found an SQL Injection in their product. What is worse, they found the vulnerability because... Read more The post Even ... Read More
What Is SEO Poisoning (Search Engine Poisoning)
Search engine optimization poisoning (SEO poisoning) is a term used to describe two types of activities: Illegitimate techniques used to achieve high search engine ranking, usually (but not only) to attack visitors Exploiting vulnerabilities on existing high-ranking web pages and using them to spread malware... Read More → The post ... Read More
