March 08, 2013

Nearly all apps vulnerable to exploit

A new report found that an overwhelming majority of applications – 99 percent – revealed vulnerabilities when tested.

Cenzic, a Campbell, Calif.-based application security company, on Wednesday released the “Cenzic Application Vulnerability Trends Report 2013,” which analyzed data collected by its research team. In addition to 99 percent of all applications tested in 2012 having one or more serious security vulnerabilities, the firm found that the median number of vulnerabilities per application was 13.

According to the report, cross-site scripting (XSS) flaws were detected most often, accounting for 26 percent of all app vulnerabilities last year. When an attacker leverages an XSS vulnerability to exploit an app, they inject it with malicious code to potentially access private user data stored in the browser, like cookies or session tokens.

Related Articles
Related Topics

More in News

Operators again revive Pushdo botnet, use a popular tactic to stay hidden ...

Botnet operators are using a domain-generation algorithm to conceal their command-and-control center. And once they knew security researchers were on to their tricks, they got even slicker.

Mac spyware discovered on Angolan dissident's computer at Oslo Freedom Forum

Mac spyware discovered on Angolan dissident's computer at ...

Security researchers are studying an apparent new strain of Mac malware that turned up on the computer of a participant at the just-concluded Oslo Freedom Forum, an annual human rights ...

Judge in London sentences LulzSec members

Judge in London sentences LulzSec members

The sentences range from 20 to 32 months, with none of the defendants likely to serve the full time. There has been no formal request to extradite the U.K. men ...