In-brief: A security researcher discovered a database containing information on 190 million voters. But whose data is it?
web applications
CERT Warns Wind Turbines Open to Compromise
In-brief: Wind turbines made by the UK firm XZERES Wind are susceptible to common, web-based attacks including cross site scripting, according to a warning published by the Industrial Control System CERT (ICS-CERT).
Last of OWASP’s Top 10 Still a Potent Threat
In-brief: Open redirects and forwards may be at the bottom of OWASP’s Top 10 list of web application security vulnerabilities, but they are still a potent and widespread problem, says Akamai’s Or Katz, who offers some suggestions for fixing it.
Study: Serious Web Security Flaws Rampant on Embedded Devices
In-brief: three quarters of embedded systems that sport web interfaces tested by researchers at universities in Germany and France contained serious security vulnerabilities, according to a new study. The results raise more questions about the security of embedded devices including home routers and home surveillance cameras.
Better Web Application Security in 14 Steps
In-brief:In-brief: In this, the last in a three-part series on REST API, Neeraj Khandelwal of Barracuda Networks examines how web application security design can help secure REST APIs and provides tips for securing web applications. You can read Neeraj’s previous posts (here and here).
