New Scanning Tool Protects Websites From Attack

Uploaded on 2022-07-13 in TECHNOLOGY--Developments, FREE TO VIEW

The worldwide cost of cyber crime in 2021 has been estimated at cost the world $6 trillion, reflecting a 300% rise in online criminal activity over the two previous years. Remote working, cloud-based platforms, malware and phishing scams have led to a greatly increased risk of data breaches.

Now, an international team of researchers led by Dr. Yousef Amer of the University of South Australia (UNISA) has developed a scanning tool to make websites less vulnerable to hacking.  The 'black box' security assessment prototype, tested by engineers around the world, is more effective than existing web scanners, which collectively fail to detect the top 10 weaknesses in web applications. 

During their research, Dr. Amer and colleagues from Pakistan, the UAE and Australia found numerous security weaknesses in website applications and how these are costing organisations dearly. The team identified that most of the publicly available scanners have weaknesses and are not doing the job they should. 

Over 70% of organisations have suffered at least one serious security breach on their website, with vulnerabilities tripling since 2017. The researchers estimate that as many as 86% of scanned web pages have on average 56% vulnerabilities. Among these, at least one is classified as critical.  

They found that no single scanner is capable of countering all these vulnerabilities, but their prototype tool caters to all these challenges and is a one-stop guide to ensure 100 % website security. 

There is an urgent need to audit websites and ensure they are secure if these breaches are to be curbed and companies and governments can save millions of dollars. The researchers are now seeking to commercialise their prototype.

NCSC:     Eurekalert:     Newswise:      OpenGovAsia:        I-HLS:     National Cyber Security News

You Might Also Read: 

‘We Hacked Your Website’ Blackmail Scam:

 

« Creating A Culture Of Cyber Security Throughout An Organisation
Exposed: Sensitive Data Of 146,000 Aon Customers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

OPSWAT

OPSWAT

OPSWAT is a software company that provides solutions to secure and manage IT infrastructure.

Telecom Information Sharing and Analysis Center Japan (T-ISAC Japan)

Telecom Information Sharing and Analysis Center Japan (T-ISAC Japan)

T-ISAC Japan coordinates information sharing and activities related to ISP/telecommunications network security in Japan.

Computer & Communications Industry Association (CCIA)

Computer & Communications Industry Association (CCIA)

CCIA supports efforts to facilitate and streamline information sharing on cyber threats between the private sector and the Federal Government.

ARC Advisory Group

ARC Advisory Group

ARC is a leading technology research and advisory firm with expertise in both information technologies (IT) and operational technologies (OT)

CRU Data Security Group (CDSG)

CRU Data Security Group (CDSG)

CRU is a pioneer in devices for data mobility, data security, encryption, and digital investigation.

Zettaset

Zettaset

Zettaset’s XCrypt Data Encryption Platform delivers proven protection for Object, Relational/SQL, NoSQL, and Hadoop data stores…in the cloud and on-premises.

OEDIV SecuSys

OEDIV SecuSys

OEDIV SecuSys (previously iSM Secu-Sys) develops high-quality IT software solutions, setting standards as a technology leader in the area of identity and access management.

CloudAlly

CloudAlly

CloudAlly provides online cloud to cloud backup and recovery solutions, which backs up daily changes in your SaaS to unlimited Amazon S3 storage and makes it available for restore or export.

Cyberteq

Cyberteq

Cyberteq is an innovative Information and Communication Technology Consulting Company, enabling it’s customers to take full advantage of the latest technologies in a secure manner.

BlueKrypt

BlueKrypt

BlueKrypt is a consulting firm for the security of IT systems and their management.

Swarmnetics

Swarmnetics

Swarmnetics helps customers discover hard-to-find software vulnerabilities by hacking your system before the bad guys do.

Britive

Britive

The Britive Platform is a cloud-native security solution built for the most demanding cloud-forward enterprises.

Institute for Security and Technology (IST)

Institute for Security and Technology (IST)

The Institute for Security and Technology's goal is to provide the tools and insights needed for companies and governments to outpace emerging global security threats.

Alea Consulting

Alea Consulting

Alea Consulting is a global risk mitigation and investigative consulting firm, which helps organizations reduce reputation and operational concerns.

Spotit

Spotit

Spotit offers a wide-ranging portfolio of technologies and services, from consultancy, assessments and pentesting to the set up of completely new security and network infrastructures.

Topsec Cloud Solutions

Topsec Cloud Solutions

The Topsec Managed Email Security Platform eliminates Spam, Viruses, Malware, and Phishing.