New Scanning Tool Protects Websites From Attack

The worldwide cost of cyber crime in 2021 has been estimated at cost the world $6 trillion, reflecting a 300% rise in online criminal activity over the two previous years. Remote working, cloud-based platforms, malware and phishing scams have led to a greatly increased risk of data breaches.

Now, an international team of researchers led by Dr. Yousef Amer of the University of South Australia (UNISA) has developed a scanning tool to make websites less vulnerable to hacking.  The 'black box' security assessment prototype, tested by engineers around the world, is more effective than existing web scanners, which collectively fail to detect the top 10 weaknesses in web applications. 

During their research, Dr. Amer and colleagues from Pakistan, the UAE and Australia found numerous security weaknesses in website applications and how these are costing organisations dearly. The team identified that most of the publicly available scanners have weaknesses and are not doing the job they should. 

Over 70% of organisations have suffered at least one serious security breach on their website, with vulnerabilities tripling since 2017. The researchers estimate that as many as 86% of scanned web pages have on average 56% vulnerabilities. Among these, at least one is classified as critical.  

They found that no single scanner is capable of countering all these vulnerabilities, but their prototype tool caters to all these challenges and is a one-stop guide to ensure 100 % website security. 

There is an urgent need to audit websites and ensure they are secure if these breaches are to be curbed and companies and governments can save millions of dollars. The researchers are now seeking to commercialise their prototype.

NCSC:     Eurekalert:     Newswise:      OpenGovAsia:        I-HLS:     National Cyber Security News

You Might Also Read: 

‘We Hacked Your Website’ Blackmail Scam:

 

« Creating A Culture Of Cyber Security Throughout An Organisation
Exposed: Sensitive Data Of 146,000 Aon Customers »

Quartz Conference
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

K&D Insurance Brokers

K&D Insurance Brokers

K&D provide insurance for all sectors of industry and commerce including cyber risk cover.

CERT Syria

CERT Syria

CERT Syria is the national Computer Emergency Response Team for Syria.

FixMeStick

FixMeStick

FixMeStick is a virus removal device, a USB key that removes malware conventional antivirus software often can’t detect.

Somansa

Somansa

Somansa is a global leader in Data Security and Compliance solutions designed to protect valuable company information from leakage and help meet regulatory compliance requirements.

Yaxa

Yaxa

Yaxa protects your critical digital assets from Insider Threats by thwarting the attack in real-time.

Tehtris

Tehtris

TEHTRIS XDR Platform was developed to control and improve the IT security of private and public companies against advanced cyber threats such as cyber espionage or cyber sabotage activities.

Open Raven

Open Raven

Open Raven is the cloud native data security platform that prevents breaches driven by modern speed and sprawl. Restore full visibility and regain control within minutes, without agents.

Quantum Xchange

Quantum Xchange

As the provider of unbreakable quantum-safe encryption, Quantum Xchange gives commercial enterprises and government agencies the ultimate defense to keep high-value data safe.

Q-Net Security

Q-Net Security

Protect your critical networks. Q-Net Security make hardware that provides the strongest drop-in security for your existing critical infrastructure.

Cybermerc

Cybermerc

Cybermerc's services, training programmes and cyber security solutions are designed to forge collaborations across industry, government and academia, for collective defence of our digital borders.

Xopero Software

Xopero Software

Xopero Software develops a comprehensive range of professional tools for protecting and restoring critical business data.

Cyber Resilience Centre for Wales (WCRC)

Cyber Resilience Centre for Wales (WCRC)

The Cyber Resilience Centre for Wales (WCRC) is part of the national roll out of Cyber Resilience Centres in the UK which began in 2019.

Zaviant Consulting

Zaviant Consulting

Zaviant Consulting is a leading data security and privacy consulting firm assisting organizations comply with constantly evolving security frameworks and privacy regulations.

Digital Silence

Digital Silence

Digital Silence is a world-class provider of information security research and consulting services.

Stryve

Stryve

Stryve is a leading carbon-neutral provider of specialist cloud and cybersecurity services in Europe.

Rootshell Security

Rootshell Security

Rootshell Security is transforming vulnerability management with its vendor-agnostic Prism Platform and industry-leading offensive security assessments.