fixed link

index.html

@@ -307,7 +307,7 @@
                                   
             <h1>About</h1>
 <p>Dependency-check is an open source solution the OWASP Top 10 2013 entry: <a class="externalLink" href="https://www.owasp.org/index.php/Top_10_2013-A9-Using_Components_with_Known_Vulnerabilities">A9 - Using Components with Known Vulnerabilities</a>. Dependency-check can currently be used to scan Java applications (and their dependent libraries) to identify known vulnerable components.</p>
-<p>The problem with using known vulnerable components was covered in a paper by Jeff Williams and Arshan Dabirsiaghi titled, &#x201c;<a class="externalLink" href="https://www.aspectsecurity.com/uploads/downloads/2012/03/Aspect-Security-The-Unfortunate-Reality-of-Insecure-Libraries.pdf">The Unfortunate Reality of Insecure Libraries</a>&#x201d;. The gist of the paper is that we as a development community include third party libraries in our applications that contain well known published vulnerabilities (such as those at the <a class="externalLink" href="http://web.nvd.nist.gov/view/vuln/search">National Vulnerability Database</a>).</p>
+<p>The problem with using known vulnerable components was covered in a paper by Jeff Williams and Arshan Dabirsiaghi titled, "<a class="externalLink" href="http://www1.contrastsecurity.com/the-unfortunate-reality-of-insecure-libraries?&__hssc=92971330.1.1412763139545&__hstc=92971330.5d71a97ce2c038f53e4109bfd029b71e.1412763139545.1412763139545.1412763139545.1&hsCtaTracking=7bbb964b-eac1-454d-9d5b-cc1089659590%7C816e01cf-4d75-449a-8691-bd0c6f9946a5">The Unfortunate Reality of Insecure Libraries</a>" (registration required). The gist of the paper is that we as a development community include third party libraries in our applications that contain well known published vulnerabilities (such as those at the <a class="externalLink" href="http://web.nvd.nist.gov/view/vuln/search">National Vulnerability Database</a>).</p>
 <p>More information about dependency-check can be found here:</p>
 
 <ul>