web server

CERT Warns Wind Turbines Open to Compromise

In-brief: Wind turbines made by the UK firm XZERES Wind are susceptible to common, web-based attacks including cross site scripting, according to a warning published by the Industrial Control System CERT (ICS-CERT). 

RSA VOHO Attack Graphic

Last of OWASP’s Top 10 Still a Potent Threat

In-brief: Open redirects and forwards may be at the bottom of OWASP’s Top 10 list of web application security vulnerabilities, but they are still a potent and widespread problem, says Akamai’s Or Katz, who offers some suggestions for fixing it. 

Study: Serious Web Security Flaws Rampant on Embedded Devices

In-brief: three quarters of embedded systems that sport web interfaces tested by researchers at universities in Germany and France contained serious security vulnerabilities, according to a new study. The results raise more questions about the security of embedded devices including home routers and home surveillance cameras. 

Panic in the Nursery: Research finds Baby Monitors make Easy Targets

In-brief: Researchers from the security firm Rapid7 revealed the findings of a survey of common wireless baby monitors and nanny-cams, and found a host of serious and, in some cases, remotely exploitable vulnerabilities.

The Challenge of Securing REST APIs

  In-brief: RESTful application program interfaces (APIs) are a key ingredient to building powerful, scalable web-based applications. But they can also open the door to web-based attacks, while also baffling traditional penetration testing tools and processes. In this article, Barracuda’s Neeraj Khandelwal explains why.