Archive for the ‘Web Security’ Category

A Comprehensive Guide On How to Protect Your Websites From Hackers

October 17th, 2019
Humankind had come a long way from the time when the Internet became mainstream. What started as a research project ARPANET (Advanced Research Projects Agency Network) funded by DARPA has grown exponentially and has single-handedly revolutionized human behavior. When WWW (world wide web) came into existence, it was meant to share information over the Internet, from there part through natural

Posted in AppTrana, cyber security, vulnerability scanner, web application firewall, Web Application Vulnerability, Web Security | Comments (0)

ROPEMAKER Exploit Allows for Changing of Email Post-Delivery

August 23rd, 2017

An exploit dubbed ROPEMAKER relies on taking advantage of email design functionality, namely by remotely changing CSS in HTML-based emails after they’ve been sent.

Posted in css, email security, Exploit, Francisco Ribeiro, HTML, Mimecast, ROPEMAKER, vulnerabilities, Web Security | Comments (0)

ROPEMAKER Exploit Allows for Changing of Email Post-Delivery

August 23rd, 2017

An exploit dubbed ROPEMAKER relies on taking advantage of email design functionality, namely by remotely changing CSS in HTML-based emails after they’ve been sent.

Posted in css, email security, Exploit, Francisco Ribeiro, HTML, Mimecast, ROPEMAKER, Uncategorized, vulnerabilities, Web Security | Comments (0)

ROPEMAKER Exploit Allows for Changing of Email Post-Delivery

August 23rd, 2017

An exploit dubbed ROPEMAKER relies on taking advantage of email design functionality, namely by remotely changing CSS in HTML-based emails after they’ve been sent.

Posted in css, email security, Exploit, Francisco Ribeiro, HTML, Mimecast, ROPEMAKER, Uncategorized, vulnerabilities, Web Security | Comments (0)

Drupal Patches Critical Access Bypass in Core Engine

August 17th, 2017

A critical flaw in Drupal CMS platform could allow unwanted access to the platform allowing a third-party to view, create, update or delete entities.

Posted in access bypass vulnerabilities, access bypass vulnerability, Drupal, Drupal 7, Drupal 8, Drupal Security Team, RESTful Web Services, UUIDs, vulnerabilities, Web Security | Comments (0)

Attackers Using Automated Scans to Takeover WordPress Installs

July 13th, 2017

Attackers have been carrying out WPSetup attacks, taking advantage of users who have installed WordPress but not yet configured it.

Posted in Mark Maunder, SiteLock, Web Security, WordFence, WordPress, Wordpress Security, WPSetup | Comments (0)

WordPress Fixes CSRF, XSS Bugs, Announces Bug Bounty Program

May 18th, 2017

WordPress fixed six vulnerabilities with version 4.7.5 and announced a bug bounty program with HackerOne this week.

Posted in vulnerabilities, Web Security | Comments (0)

Vanilla Forums Software Vulnerable to RCE, Host Header Injection Vulnerability

May 11th, 2017

Vanilla Forums software suffers from vulnerabilities that could let an attacker gain access to user accounts, carry out web-cache poisoning attacks, and in some instances, execute arbitrary code.

Posted in Dawid Golunski, Host Header Injection vulnerability, remote code execution, Vanilla Forums, vulnerabilities, Web Security | Comments (0)

Microsoft’s New Security Update Guides Get Mixed Reviews

May 11th, 2017

Microsoft gets a lukewarm response with its new Microsoft Security Guides that replaced Security Bulletins.

Posted in Microsoft Patch Tuesday, Microsoft security bulletins, microsoft Security Update Guide, Security Update Guide, vulnerabilities, Web Security | Comments (0)

ASUS Patches RT Router Vulnerabilities

May 11th, 2017

ASUS updated the firmware in March of a number of its RT routers to address vulnerabilities found within the device’s native web interface.

Posted in ASUS, ASUS firmware, ASUS patch, ASUS RT routers, ASUS vulnerabilities, Cross-site request forgery, default credentials, firmware updates, firmware vulnerabilities, JSONP vulnerabilities, Nightwatch Cybersecurity, Router Security, Router vulnerabilities, vulnerabilities, Web Security, Wi-Fi passwords | Comments (0)