TMCnet News
WhiteHat Security Announces The Tenth Annual Top 10 Web Hacking Techniques For 2015SANTA CLARA, Calif., April 20, 2016 /PRNewswire/ -- WhiteHat Security, the only application security provider that combines the best of technology and human intelligence, today announced the Top 10 List of Web Hacking Techniques for 2015. The number one threat identified over the last year is FREAK (Factoring Attack on RSA-Export Keys), a substantial security vulnerability that left users of modern browsers open to attack when visiting millions of websites. Now in its tenth year, the Top 10 Web Hacking Techniques takes a step back from the implications of an attack to understand how they happen. As the only list of its kind in the industry, the Top 10 provides a centralized knowledge base, captures year-to-year trends in the Web security industry and recognizes the security experts that work at the forefront of Web security research. The list is chosen by the security research community, coordinated by WhiteHat Security. "Every year, the security community produces a stunning number of new techniques that are published in various white papers, blog posts, articles and conference presentations," said WhiteHat Security Manager, Threat Research Center, Johnathan Kuskos, who leads this community effort. "Within these thousands of pages are the newest, most creative ways to attack websites, browsers and their mobile equivalents. We created the Top 10 Web Hacks as a way to encourage information sharing within the InfoSec community, help IT professionals stay up-to-date with the recommended fixes and recogize the researchers who contribute excellent work in uncovering vulnerabilities." After receiving 39 submissions detailing hacking techniques discovered in 2015, the following hacks were voted into the top 10 spaces:
In a continuation of the trend from previous years, a branded vulnerability has taken both the first and second spot. In 2014, Heartbleed, ShellShock and Poodle took the first three places. This year, the judges placed FREAK, the SSL/TLS vulnerability in the first position, citing its novelty, pervasiveness and potential for widespread abuse as the key reasons for its high ranking. "One of the key trends from the list this year is that legacy code continues to haunt the industry and we will remain living in the age of downgrade attacks, such as FREAK, for quite some time," added Kuskos. "Of all the hacks in 2015, it's the web hacks that are really making the headlines. Hackers just aren't interested in hacking an individual's 'My Documents' folder these days; they know they can do far more damage by gaining access to Facebook, Gmail, Dropbox, and other web or cloud-based applications." For more information:
About WhiteHat Security Logo - http://photos.prnewswire.com/prnh/20160222/336045LOGO
To view the original version on PR Newswire, visit:http://www.prnewswire.com/news-releases/whitehat-security-announces-the-tenth-annual-top-10-web-hacking-techniques-for-2015-300254223.html SOURCE WhiteHat Security |