A Tuesday report from Positive Technologies revealed startling statistics about the safety of personal information in different applications—70% are vulnerable to critical data leaks

The study also found that hackers could access personal data in 44% of the web tested. This includes personalized data from in industries like finance, e-commerce, and telecom.

The report found that all of the applications tested contained — some of higher severity than others.

SEE: Cybersecurity in 2018: A roundup of predictions (Tech Pro Research)

Positive Technologies found the following most vulnerabilities in its research:

  1. Cross-site scripting – 74%
  2. Fingerprinting – 61%
  3. Information leakage – 52%
  4. Brute force – 52%
  5. Cross-site request forgery – 39%
  6. SQL injection – 26%
  7. URL redirector abuse – 17%
  8. OS commanding – 9%
  9. XML external entities – 9%
  10. Path traversal – 9%

Some 48% of tested web applications were not protected from unauthorized access. Additionally, the ability to gain full control was available in 17% of tested applications.

So, why are all of these apps vulnerable to hackers? According to the report, 65% of the vulnerabilities are due to coding errors. An additional third of the errors were due to incorrectly configured web servers, the report said.

“Web application security is still poor and, despite increasing awareness of the risks, is still not being prioritized enough in the development process,” Positive Technologies cybersecurity resilience lead, Leigh-Anne Galloway, said in the report. “Most of these issues could have been prevented entirely by implementing secure development practices, including code audits from the start and throughout.”

The big takeaways for tech leaders:

  • A new report from Positive Technologies claims that 44% of web apps allow hackers to access personal data.
  • All web apps contain vulnerabilities, with cross-site scripting, fingerprinting, and information leakage being the most common.

Also see

webappsec.jpg

Image: iStockphoto/welcomia



Source link https://www.techrepublic.com/article/10-most-common-vulnerabilities-in-web-apps/#ftag=RSS56d97e7

LEAVE A REPLY

Please enter your comment!
Please enter your name here