In-brief: Open redirects and forwards may be at the bottom of OWASP’s Top 10 list of web application security vulnerabilities, but they are still a potent and widespread problem, says Akamai’s Or Katz, who offers some suggestions for fixing it.
web applications
Study: Serious Web Security Flaws Rampant on Embedded Devices
In-brief: three quarters of embedded systems that sport web interfaces tested by researchers at universities in Germany and France contained serious security vulnerabilities, according to a new study. The results raise more questions about the security of embedded devices including home routers and home surveillance cameras.
Better Web Application Security in 14 Steps
In-brief:In-brief: In this, the last in a three-part series on REST API, Neeraj Khandelwal of Barracuda Networks examines how web application security design can help secure REST APIs and provides tips for securing web applications. You can read Neeraj’s previous posts (here and here).
Update: Photo Bombed Retailers CVS and Costco Admit Customer Data Stolen
In-brief: Pharmacy chain CVS and discount chain Costco acknowledged this week that a July security incident involving a third party firm that provides online photo processing and printing services resulted in the theft of some customer data. (Updated to add comment from Staples and CVS. PFR Sept. 16, 2015)
Panic in the Nursery: Research finds Baby Monitors make Easy Targets
In-brief: Researchers from the security firm Rapid7 revealed the findings of a survey of common wireless baby monitors and nanny-cams, and found a host of serious and, in some cases, remotely exploitable vulnerabilities.
