Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    Web applications have become crucial for enterprises to meet customer demands and conduct business on the web. Web apps process data—anything from retail orders to B2B transactions—and store results in a back-end database server where data such as customer information sits.

    However, web apps also introduce security risks like attacks that leverage server and application vulnerabilities. Some of the factors that contribute to the said risks include fast development for apps such that security is overlooked, the existence of legacy and custom-made web apps, and the complex nature of transactions done online.

    Moreover, security often becomes second priority when web developers are commissioned to deliver websites that are fast, scalable, and has good user interface for various users (customers, partners, and employees). There are also cases when IT administrators delay deployment of patches for web-related servers and databases if the patch is unstable or buggy/incomplete.

    Aside from web apps, vulnerabilities in web and database servers can be used by cybercriminals to penetrate enterprise networks, which can result to business disruption, tampered brand image, or the loss of critical data. For instance, the “Apache Killer,” a tool that takes advantage of an Apache HTTP Server vulnerability, enables a denial of service (DoS) attack when exploited. We also spotted a vulnerability in Oracle Database Server’s TNS listener, which can allow access to the database without the need to enter a password or user name.

    In the TrendLabs’ primer Web Applications Vulnerabilities: How’s Your Business on the Web?, we tackled various security risks on web, web application, and database servers and the situations that introduce these risks in the network. It also delves on solutions that can mitigate and protect the network from security loopholes and attacks.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon

    Comments are closed.


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice