San Francisco: +1 (415) 635 3784  |  Geneva: +41 (022) 723 2424   |  
ImmuniWeb® Login | Register
ImmuniWeb® by High-Tech Bridge

High-Tech Bridge Newsletter

Subscribe to our newsletter and receive some or all of our corporate news, invitations to security events or HTB Security Advisories – you choose what you want to receive.

High-Tech Bridge Security Blog

Practical step-by-step guidance after your company has been hacked July 1, 2015
Everybody tends to think that hackers will never ever target them or their company/organisation until a breach occurs. We have already published several practical examples explaining why hackers target you and your data. Here, I will try to concentrate on post-incident actions and provide some brief advice on what to do after you have been hacked.

The most common information security mistakes of e-commerces June 22, 2015
Almost every month a new incident involving a big retailer, e-commerce or web platform makes the news headlines. Most retail fraud is now committed online, and in 2014 alone hackers managed to steal more than 61 million records from retailers. We will try to analyze the most common managerial and operational mistakes retail organizations make when defending against hackers.

The top mistakes banks make defending against hackers June 15, 2015
Many financial institutions fail to perform comprehensive risk analysis and assessment, exposing their companies and clients to enormous risk.

Why PCI’s Mandatory Pen Testing is no Silver Bullet June 12, 2015
On 1st June 2015 the new PCI (Payment Card Industry) 3.0 standard became mandatory, and includes a requirement to conduct web penetration testing at least once a year.

How often should companies conduct web penetration testing? May 26, 2015
Following our previous blog post “How long does website penetration testing take” we received a lot of questions from our customers and partners about the recommended frequency of penetration testing for their web applications. In this blog post we will answer that question.

Drive-by-login attack: the end of safe web April 7, 2015
In this blog post, we are going to share some interesting facts about a new vector of drive-by-download attack that we called ‘drive-by-login’.

How much is your website worth on the Black Market? February 25, 2015
Web applications are becoming a vital part of our everyday life. Almost any application has a web interface, or a web API. Microsoft and Google are moving their flagship products to the cloud accessible and manageable via web interfaces. Even mobile applications interact with web interfaces to send and receive data. Almost any database in the world is connected to a web interface or web application. However, global “webization” has many hidden threats that companies and individuals do not realize. In this blog post we will try to explain why hackers are targeting your website, and how they can make money on it.

RansomWeb: emerging website threat that may outshine DDoS, data theft and defacements? January 28, 2015
More and more people become victims of ransomware, a malware that encrypts your data and demand money to decrypt them. A new trend on the market shows that cybercriminals will now target your website as well to get a ransom payment from you.

How long does website penetration testing take? January 26, 2015
Penetration testing is usually billed by the number of hours the security auditors (pen testers) spend on a project, many of us face the same question: how long does a penetration test take and so how much will it cost? In this blog post we will try to clarify how much time a web penetration test should normally take.

Web security and hacking trends for 2015 January 5, 2015
What are biggest risks and threats your web applications will probably face in 2015?