46% of all on-prem databases are vulnerable to attack, breaches expected to grow

46% of all on-prem databases globally are vulnerable to attack, according to research by Imperva. A five-year longitudinal study comprising nearly 27,000 scanned databases discovered that the average database contains 26 existing vulnerabilities. 56% of the Common Vulnerabilities and Exposures (CVEs) found were ranked as ‘High’ or ‘Critical’ severity, aligned with guidelines from the […]

Top tips for preventing SQL injection attacks

In the wake of the Colonial Pipeline attack and other high-profile cases, IT teams may be scrabbling to shore up their endpoint protection. But those in the developer community know security weaknesses don’t begin and end there; write code improperly or with insufficient security, and you’re also coding in future web attacks. Web vulnerabilities are […]

Cyberattack traffic targeting video game industry surged during the pandemic

Cyberattack traffic targeting the video game industry grew more than any other industry during the COVID-19 pandemic. According to Akamai’s report, the video game industry suffered more than 240 million web application attacks in 2020, a 340% increase over 2019. Mobile games incorporating in-app purchases are also subject to a consistent barrage of attacks, according […]

3.4 billion credential stuffing attacks hit financial services organizations

Akamai published a report that provides an analysis of both global and financial services-specific web application and credential stuffing attack traffic, revealing significant increases across the attack surfaces year over year from 2019 to 2020. By the numbers: In 2020, there were 193 billion credential stuffing attacks globally, with 3.4 billion hitting financial services organizations […]

SQL injection issue in Anti-Spam WordPress Plugin exposes User Data

The ‘Spam protection, AntiSpam, FireWall by CleanTalk’ anti-spam WordPress plugin could expose sensitive user data to an unauthenticated attacker. A Time-Based Blind SQL Injection in the ‘Spam protection, AntiSpam, FireWall by CleanTalk’ WordPress plugin, tracked as CVE-2021-24295, could be exploited by an unauthenticated attacker to access user data. The flaw could be exploited by an attack to […]

Open Source Software Vulnerabilities Leads to RCE

Various vulnerabilities in the open source video platforms YouPHPTube and AVideo could be used to achieve remote code execution (RCE) on a user’s device. It can take an average of more than four years for vulnerabilities in open-source software to be detected, an area in the security community that needs to be addressed, researchers say. […]
