Web Security Review

Image source: www.blog.webreakstuff.com
This is an alarming news, everyone. We all know about Youtube, right? Well, it’s dangerous as MySpace, FaceBook, or any online community now. Given that Youtube also allows “pg 13” stuffs, but that’s not the danger we’re talking about. That’s right. Some of the pages in Youtube have links that opens malicious machines into your computer. These machines have the ability to save your computer’s keystrokes, copies data, or even control your computer for another hacking scheme. Some people can separate the real and the fraud just by looking in the URL in the status bar, but it is much safer if you just search it in youtube itself. You know why? Some hackers make their preys open these links by making them their friends first. They just did this just because this is the time of election in the US, and youtube-users provide videos about the election, or their insight.

Anyone should be aware of the frustrations associated with making it work properly and effectively if you have developed any kind of web system or a basic web site. A minor testament to the problems is the Compendium Developments, that plague even simple information sites like this one. Trying to help the readers, taking them through the many aspects of delivering a Quality Web System and using a single example case study, to help them meet a desired level of quality this is not aimed solely at testers but does illustrate how to go about testing web sites and systems.

Specifications, implementation, and maintenance problems can all cause disastrous problems when it comes to Web Application Security. Has your software evolved over years and years of development? You are not alone. Most software has features added with use and grows more complex as time goes on. In-house testers tend to gravitate toward their area of expertise and just like clusters of tests executed, bugs are found in a concentrated portion of your software.

With software security, especially of application exposed to a large audience via a Web browser, increased reliability comes from decreasing the correlations between tests. And not all bugs are born alike. Deque Web Application Security Reviews can help detect bugs that have the largest negative impact.

We can help you define your security objectives and standards, code reviews, security penetration testing, and a security deployment review. You may also want to explore how Deque Worldspace Security Practice can help identify code vulnerabilities for common attacks like cross site scripting (XSS) and SQL Injection.

Source: deque.com

For readers with a MySpace or Facebook account, please be vigilant and careful when accepting apps or widgets from your friends; they main contain Trojan viruses that steal information from your site and then send it all back to the one who created it. They usually do this by sending Trojans through apps or widgets that your friends sent you. According to researchers at Finjan, cyberattackers are now going to these social networking sites such to get more victims.

“Attacks will become more sophisticated by combining several services in order to heighten infection ratios and decrease the detection rate, while providing more robust and scalable attack frameworks,” Yuval Ben-Itzhak, chief technology officer, Finjan, said in a news release. “The focus will be on trojan technology as it enables maximum flexibility in terms of command and control. This adds another potentially malicious element to the ‘legitimate’ web traffic that needs to be examined by security solutions.”

In short, before installing the app or widget that your friend sent you, confirm if it came from them. If it didn’t, kindly delete it immediately. If it did come from them, research on the app or widget from previous users.

Source