In light of COVID-19 precaution measures, we remind that all ImmuniWeb products can be easily configured and safely paid online without any human contact or paperwork.

Community Edition
Total Tests:
This Week:
Today:
Stay in Touch

Weekly newsletter on AI, Application Security & Cybercrime


Your data will stay confidential Private and Confidential

ImmuniWeb > Security Blog > Page 26

ImmuniWeb Security Blog

Drive-by-login attack: the end of safe web
April 7, 2015 | High-Tech Bridge Security Research

In this blog post, we are going to share some interesting facts about a new vector of drive-by-download attack that we called ‘drive-by-login’.

How much is your website worth on the Black Market?
February 25, 2015 | High-Tech Bridge Security Research

Web applications are becoming a vital part of our everyday life. Almost any application has a web interface, or a web API. Microsoft and Google are moving their flagship products ...

RansomWeb: emerging website threat that may outshine DDoS, data theft and defacements?
January 28, 2015 | High-Tech Bridge Security Research

More and more people become victims of ransomware, a malware that encrypts your data and demand money to decrypt them. A new trend on the market shows that cybercriminals will now ...

How long does website penetration testing take?
January 26, 2015 | High-Tech Bridge Security Research

Penetration testing is usually billed by the number of hours the security auditors (pen testers) spend on a project, many of us face the same question: how long does a penetration ...

Web security and hacking trends for 2015
January 5, 2015 | Ilia Kolochenko

What are biggest risks and threats your web applications will probably face in 2015?

How to keep your website safe in 2015
December 17, 2014 | Ilia Kolochenko

Vulnerability scanning can be very cheap or even free, while penetration testing can be considered quite expensive and time-consuming to plan and execute. However, penetration ...

XSS: the easiest way to hack your website in 2014
November 20, 2014

There is no need to convince people that XSS was, is and probably will be the most frequent web vulnerability. However, many people, including security engineers, team leaders and ...

CVE-2014-3669: Integer overflow in unserialize() PHP function
October 20, 2014 | Symeon Paraschoudis

In this blog post we are going to analyze an integer overflow we discovered in PHP (version <= 5.6.1, 5.5.17, 5.4.33) during our security research campaign which was conducted on ...

Efficiency and effectiveness: the missing combination in a fragile security industry
October 14, 2014 | Kevin Townsend

When Symantec, one of the grand old dames of security, decided to split itself into two separate companies last week, it raised questions about the entire security market. It ...

Plugins and extensions: the Achilles heel of popular CMSs
September 30, 2014 | Kevin Townsend

A by-product of High-Tech Bridge’s ImmuniWeb® web application penetration test SaaS is the frequent discovery of vulnerabilities in popular web applications and CMSs.

Bug bounty programs - the road to hell is paved with good intentions.
September 17, 2014 | Kevin Townsend

Bug bounties are in the news again. Twitter has announced its own new scheme, while Robert Graham of Errata Security claims legal actions brought for loss of personal data will ...

Vested Interests have hijacked Edward Snowden
September 8, 2014 | Kevin Townsend

Microsoft case shows the NSA is not a hacking threat; organized crime remains the biggest problem.

212223242526272829

This website uses cookies to provide you with a better surfing experience. To learn more, please visit our Privacy Policy. By continuing to use this website you consent to our use of cookies.

Ask a Question