|
Vulnerabilities
Moderated AppSec Feed - OWASP Foundation's shared items in Google Reader:
I’m noticing a trend of sites patching the more obvious cross-site scripting vectors, such as search fields, but ignoring parameters in secondary pages, such as Ajax interfaces. Several applications in the Month of Facebook B (Read More)
News Network:
Web Application Security
Moderated AppSec Feed - OWASP Foundation's shared items in Google Reader:
Original document at owasp.orgOWASP AppSec DC 2009 ConferenceJeff Williams, OWASP Board ChairThe OWASP MissionFirst I’d like to introduce the OWASP Board (Tom, Dave, Dinis,Seba, and myself)The board runs the OWASP Foundation, (Read More)
News Network:
Web Application Security
Moderated AppSec Feed - OWASP Foundation's shared items in Google Reader:
I sometime feel that our industry misses the point on what we (security professionals) are doing here.In a nutshell, the current 'Web Application Security assessment' world is far from being ‘working’ (see AppScan 2011 for a (Read More)
News Network:
Web Application Security
Topic:
Web Application Security
Moderated AppSec Feed - OWASP Foundation's shared items in Google Reader:
Internet Explorer 8’s famous XSS filter can be exploited to perform successful XSS attacks against web sites which would be otherwise safe. In other words, XSS “protection” is helping XSS attackers, oh the irony.Well, this is (Read More)
News Network:
Web Application Security
Moderated AppSec Feed - OWASP Foundation's shared items in Google Reader:
The register just ran an article (IE8 bug makes 'safe' sites unsafe) talking about a flaw in Internet Explorer 8's XSS filtering. I have researched the IE8 filter in the past and provided some of my thoughts on the matter.As (Read More)
News Network:
Web Application Security
Moderated AppSec Feed - OWASP Foundation's shared items in Google Reader:
I'm finally home and have a minute to write about the past week's OWASP AppSec DC 2009 conference. And what a conference it was - far and away the best conference on information security of the year. This includes the organ (Read More)
News Network:
Web Application Security
Topic:
Web Application Security
Moderated AppSec Feed - OWASP Foundation's shared items in Google Reader:
The application I beat up for the ESAPI WAF preso at OWASP AppSec DC was JForum. It’s awesome, free, open source forum software that is quite popular (CBS, EA and the Ukrainian government seem to like it). That aside, it’s go (Read More)
News Network:
Web Application Security
6 days ago
Security News Collected by AWSODA-SYSTEMS:
Here are the latest updates for security-news@awsoda.net "TrendLabs | Malware Blog - by Trend Micro" - 1 new article Pacquiao vs Cotto Fight Live Stream Leads to FAKEAVMore Recent ArticlesSearch TrendLabs | Mal (Read More)
News Network:
Computer And Network Security
Moderated AppSec Feed - OWASP Foundation's shared items in Google Reader:
About two weeks ago, security researcher Mike Bailey posted a paper on cookie attacks via subdomains (hat tip: Jeremiah Grossman). I’ve seen several stories since then dealing with various subdomain security issues. In fact, (Read More)
News Network:
Web Application Security
Nov 15, 2009
Security News Collected by AWSODA-SYSTEMS:
Here are the latest updates for security-news@awsoda.net "TrendLabs | Malware Blog - by Trend Micro" - 1 new article Bogus 'Balance Checker' Tool Carries MalwareMore Recent ArticlesSearch TrendLabs | Malware Bl (Read More)
News Network:
Computer And Network Security
Moderated AppSec Feed - OWASP Foundation's shared items in Google Reader:
The ESAPI project is quickly gaining steam. We’ve added a number of strong committers and there are many companies out their adopting. My little addition to ESAPI was just released yesterday at OWASP AppSec DC, the ESAPI Web (Read More)
News Network:
Web Application Security
Topic:
Web Application Security
Washington Post:
Apple has shipped a new version of its Safari Web browser that fixes at least seven security vulnerabilities. The Safari 4.0.4 update is available for both Mac and Windows versions of the browser. Mac users can grab the lates (Read More)
Submitted by sfoskett
from Google Reader:
Sitting in an impressive room at the Google campus in Mountain View last month, I asked the collective group of brainpower a slightly rhetorical question:How much longer do you feel pure-play Infrastructure-As-A-Service will (Read More)
Wired: Threat Level:
People who think they are being wiretapped by the cops could disable the taps by sending a stream of text messages or making numerous VoIP calls to overwhelm the system’s thin bandwidth, researchers in Pennsylvania postulate. (Read More)
Latest articles from SC Magazine US News:
Web application vulnerabilities remains the primary avenue of attack for cybercriminals, according to a new report.
. (Read More)
News Network:
Computer And Network Security
Latest articles from SC Magazine US News:
Apple's latest Safari update, the sixth of the year, includes fixes for seven vulnerabilities.
. (Read More)
News Network:
Computer And Network Security
Topic:
Apple
Security News Collected by AWSODA-SYSTEMS:
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1US-CERT Current ActivityApple Releases Safari 4.0.4Original release date: November 12, 2009 at 8:08 amLast revised: November 12, 2009 at 8:08 amApple has released Safari 4.0.4 to ad (Read More)
News Network:
Computer And Network Security
Nov 12, 2009
Security News Collected by AWSODA-SYSTEMS:
Here are the latest updates for security-news@awsoda.net "TrendLabs | Malware Blog - by Trend Micro" - 1 new article November Patch Tuesday Addresses 15 VulnerabilitiesMore Recent ArticlesSearch TrendLabs | Mal (Read More)
News Network:
Computer And Network Security
Security News Collected by AWSODA-SYSTEMS:
Sign up for other newsletters | Unsubscribe | Update your profile (Read More)
News Network:
Computer And Network Security
Add something
|
||||||||
|
|
||||||||
