This is part 2 of a two-part series that continues to discuss cloud threats and how they affect web applications in the cloud. The following addresses insecure APIs and the Management Plane, deepening the threat landscape. Management Plane – Security Perspective The cloud API management plane…
Sail Smooth with Cloud Threats – Cloud Security Issues
This is part 1 of a two-part series that introduces the cloud and the types of threats and cloud security issues that open the web application to compromise. The following post addresses hypervisor breakouts, also known as VM escape. Cloud Introduction Cloud computing is the…
Acunetix Receives Software Informer Editor’s Pick Award
Software Informer’s Editor Pedro Castro scores Acunetix Web Vulnerability Scanner 4.4 out of 5 in points and awards it the Editor’s Pick Award for excellence. “All in all, there is no doubt that Acunetix Web Vulnerability Scanner belongs to the must-have group of security software. It…
What is Cryptojacking?
Cryptocurrencies have taken the world by storm in the past few years, making it hard to miss all the buzz around Bitcoin and Blockchain technology. While cryptocurrencies are far from new to cybercriminals, cryptojacking opens up new ways attackers can easily monetize compromised websites…
The Evolving Security Paradigm, Part 2
This post is part 2 of a two-part series that addresses the rapid changes in security paradigms. The change to security not only affects operation, it increases the level of complexity in security designs. The following post discusses the history of security paradigms and the…
Web-based attacks still reign supreme according to the EU Cybersecurity Agency
Web-based attacks and malware do not just hold the cybercrime crown, but they’re on the rise — that’s according to the latest Threat Landscape Report by the EU Agency for Network and Information Security (ENISA). In its sixth annual report, ENISA also reported that in…
The Evolving Security Paradigm, Part 1 – History of Firewalls
This post is part 1 of a two-part series that addresses the rapid changes in security paradigms. The need to satisfy new requirements and keep pace with the digital world greatly impacts the level of security. The following post introduces the history of…
PHP Security Part 5: Top Tips
This final part in the series on PHP security concludes with tips for building a web application/system with security in mind. There are certain things which, if done during the development cycle of a web application, will dramatically help reduce the risk of being exposed…
Safely handling redirects with die() and exit() in PHP
It is frequently the case within web applications that redirects are used to direct the user to a different portion of the application. A typical example would be that of an application redirecting a user to the login page when accessing a page intended for…