SQL injection

A series of attack on the web application security provider Barracuda Networks turn to be a paradox case for many observers. The company whose main task to protect others suffered an attack that appears to have exposed sensitive data concerning the company's partners and employee login credentials.

Google has released a new application developed to search for vulnerabilities in the websites. An open source security scanner known as Skipfish was designed as "security reconnaissance tool". It generates an interactive map of an application based on checks for certain security flaws, involving everything from self-signed SSL certificates to server-side SQL and XML injection.

While the scanner performs a recursive crawl of a site, it can also probe a list of pre-defined links.

According to recent data provided in the research by the security vendor Webroot 73% of the polled said Web-based threats are more difficult to manage than those coming via email.

23% of the respondents acknowledged their companies were vulnerable to attacks on web 2.0 applications including social networks such as Facebook Artwork with a quarter saying they were open to hackers that exploit Artwork.