New Scanning Tool Protects Websites From Attack

The worldwide cost of cyber crime in 2021 has been estimated at $6 trillion, reflecting a 300% rise in online criminal activity over the two previous years. Remote working, cloud-based platforms, malware and phishing scams have led to a greatly increased risk of data breaches.

Now, an international team of researchers led by Dr. Yousef Amer of the University of South Australia (UNISA) has developed a scanning tool to make websites less vulnerable to hacking. The 'black box' security assessment prototype, tested by engineers around the world, is more effective than existing web scanners, which collectively fail to detect the top 10 weaknesses in web applications.

During their research, Dr. Amer and colleagues from Pakistan, the UAE and Australia found numerous security weaknesses in website applications and found that these are costing organisations dearly. The team identified that most of the publicly available scanners have weaknesses and are not doing the job they should.

Over 70% of organisations have suffered at least one serious security breach on their website, with vulnerabilities tripling since 2017. The researchers estimate that as many as 86% of scanned web pages have on average 56% vulnerabilities. Among these, at least one is classified as critical.  

They found that no single scanner is capable of countering all these vulnerabilities, but their prototype tool caters to all these challenges and is a one-stop guide to ensure 100% website security.

There is an urgent need to audit websites and ensure they are secure if these breaches are to be curbed and companies and governments are to save millions of dollars. The researchers are now seeking to commercialise their prototype.

NCSC, Eurekalert, Newswise, OpenGovAsia, I-HLS, National Cyber Security News
