Well-known Security Flaws Go Ignored
‘Entire internet’ could be at risk, warns analyst Failure to implement effective security policies is leaving the majority of companies open to surprisingly common vulnerabilities, and is even threatening the security of the “entire internet”, analysts warned last week. According to the Open Web Application Security Project (OWASP), which has published a list of the most dangerous internet application security problems, the greatest threat comes from ignoring exploits that are well understood and well documented. Many of the problems on the OWASP’s list can be executed by inexperienced ‘script kiddies’ using automated cracking tools. The Washington-based open source project was surprised to find that firms were not deploying countermeasures against well known threats. Full Story