Web Application Security

A new vulnerability affecting one of the most popular WordPress plugin “WP Statistics” has been discovered allowing SQL Injection attacks to be potentially used. WP Statistics is a plugin that enables administrators to have information regarding the number of users

Password Reset MITM

Researchers have demonstrated that attackers can set up a malicious website and use users account registration process to successfully perform a password reset process on a number of popular websites and messaging mobile applications. The Password Reset Man in the

‘Do I really need to give this website so much about me?’ That’s exactly what I usually think after filling but before submitting a web form online asking for my personal details to continue. I am sure most of you

Scammers are increasingly abusing consumer awareness of sites that encrypt data sent over the internet using HTTPS, particularly through a spike in phishing attacks that hope to win the confidence of victims by using the protocol on spoofed sites. “For

A student uncovered a security vulnerability in the job placement website of Virgin Media that allegedly exposed “about 30,000 to 50,000” applications featuring personal information such as names, home addresses, email details and telephone numbers. In a blog post published

Nearly 5,900 e-commerce sites has been breached by hackers and installed malware that steals victim’s credit card details, according to a security researcher. According to Dutch security analyst Willem De Groot he said that, the hackers gained access to a

Microsoft is giving its Edge browser a security boost with Windows Defender Application Guard for Windows 10 Enterprise. Other browsers use software-based sandboxes to stay segregated from sensitive areas of the PC, but they “still provide a pathway for malware

‘Яussian Yahoo!’ may just have become world’s biggest breach An eye-watering 98.1 million accounts, and their cleartext passwords, have been stolen from Russia’s biggest web portals Rambler.ru. The breach occurred way back on 17 February 2012 according to breach repository