New Scanning Tool Protects Websites From Attack

Uploaded on 2022-07-13 in TECHNOLOGY--Developments, FREE TO VIEW

The worldwide cost of cyber crime in 2021 has been estimated at cost the world $6 trillion, reflecting a 300% rise in online criminal activity over the two previous years. Remote working, cloud-based platforms, malware and phishing scams have led to a greatly increased risk of data breaches.

Now, an international team of researchers led by Dr. Yousef Amer of the University of South Australia (UNISA) has developed a scanning tool to make websites less vulnerable to hacking.  The 'black box' security assessment prototype, tested by engineers around the world, is more effective than existing web scanners, which collectively fail to detect the top 10 weaknesses in web applications. 

During their research, Dr. Amer and colleagues from Pakistan, the UAE and Australia found numerous security weaknesses in website applications and how these are costing organisations dearly. The team identified that most of the publicly available scanners have weaknesses and are not doing the job they should. 

Over 70% of organisations have suffered at least one serious security breach on their website, with vulnerabilities tripling since 2017. The researchers estimate that as many as 86% of scanned web pages have on average 56% vulnerabilities. Among these, at least one is classified as critical.  

They found that no single scanner is capable of countering all these vulnerabilities, but their prototype tool caters to all these challenges and is a one-stop guide to ensure 100 % website security. 

There is an urgent need to audit websites and ensure they are secure if these breaches are to be curbed and companies and governments can save millions of dollars. The researchers are now seeking to commercialise their prototype.

NCSC:     Eurekalert:     Newswise:      OpenGovAsia:        I-HLS:     National Cyber Security News

You Might Also Read: 

‘We Hacked Your Website’ Blackmail Scam:

 

« Creating A Culture Of Cyber Security Throughout An Organisation
Exposed: Sensitive Data Of 146,000 Aon Customers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Onapsis

Onapsis

Onapsis is a pioneer in cybersecurity and compliance solutions for cloud and on-premise ERP and business-critical applications.

FedRAMP

FedRAMP

FedRAMP, is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.

SecureNinja

SecureNinja

SecureNinja provides professional training, certifications & professional services related to all facets of Information Technology and Cyber Security.

Trustelem

Trustelem

Trustelem offers European and global companies a ready-to-use access management service that respects the principles of sovereignty, territoriality and privacy.

Abacode

Abacode

Abacode is a Managed Security Services Provider (MSSP). We help businesses consolidate all of their Regulatory Compliance & Cybersecurity needs, under one roof.

Salient Law

Salient Law

Salient Law is a virtual law firm that specialises in advising providers and users of technology on contracts involving technology.

Delfigo Security

Delfigo Security

Delfigo Security, a pioneer in intelligent authentication, provides a strong, multi-factor authentication solution to prevent identity theft and reduce fraud.

Kontex

Kontex

Kontex is a Cyber Security consultancy creating resilient solutions. From Strategy, Advisory and Implementation to Management and everything in between.

Halogen Group

Halogen Group

Halogen Group is the leading Security Solutions Provider in West Africa. Services encompass Physical Security, Electronic Security, Virtual & Cyber Security, Risk Assessments and Training.

Distology

Distology

Distology are an award-winning cloud security distributor bringing a wealth of experience and strong relationships with a huge breadth of partners covering the UK, Ireland and Benelux.

DigitalPlatforms

DigitalPlatforms

DigitalPlatforms SpA is an Italian group with the mission of providing end-to-end solutions and Internet of Things and Cyber technologies to companies that manage critical infrastructures.

Spec

Spec

Spec is the only no-code orchestration platform that protects enterprise fraud defenses from being blocked, bypassed, and manipulated by modern attack tactics.

turingpoint

turingpoint

turingpoint GmbH is a tech enabled boutique consultancy. It was founded by security experts with a focus on cyber security and software solutions.

NuKuDo

NuKuDo

NukuDo redefine the boundaries of cybersecurity talent development. We are dedicated to cultivating top-tier professionals equipped to tackle the complex challenges of cybersecurity.

PDI Technologies

PDI Technologies

PDI Technologies helps convenience retail and petroleum wholesale businesses around the globe increase efficiency and profitability by securely connecting their data and operations.

Orca Fraud

Orca Fraud

Orca is an AI-driven fraud orchestration platform. We empower fraud fighters to outpace fraud using our custom ML models.