Surviving the Week 8/24/12
Get Off Your AMF and Don’t REST On JSON At “BSides Los Angeles“, I presented on “Get off your AMF and don’t REST on JSON”. […]
Sorry readers, last week’s post was missed due to an overwhelming amount of work both on the professional and personal areas. Thank you for holding […]
Web Apps Experience 2,700+ Attacks Per Year In a recent study, Imperva found that the average application can expect attack incidents 120 days per year […]
HTML5 Top 10 Attacks Last week at Blackhat, our team member Shreeraj Shah presented on threats against HTML5. The talk discussed the Top 10 Threats […]
CodeIgniter 2.1.1 Cross Site Scripting Bypass CodeIgniter is an open source Web Application Framework that helps authors write PHP applications. Version 2.1.1 of CodeIgniter suffers […]
Black Hat 2012 Coverage Dark Reading put together a list of interesting talks to headline at Black Hat this year. Check out their preview links. […]
Nvidia developer forums had been hacked, 400,000 user accounts compromised. More games with “Who’s got the biggest bounty?” 400,000 is fairly respectable. Remember back in […]
Huge SQL injection knowledge base NTObjectives released a SQL Injection cheat sheet which can be found at http://www.ntobjectives.com/go/sql-injection-cheat-sheet/. A more comprehensive knowledge base of SQL injection […]
Code Execution Vulnerability in Microsoft XML Core Services If you are calling “msxml3!_dispatchImpl::InvokeHelper” in your code, make sure to patch it. A vulnerability exists when […]
10 Vulnerable Web Applications You Can Play With There are a number of vulnerable web applications to be discovered. Many times we are asked for known […]
United States Department of Defense data leaked by Anonymous hackers A group named “Wikiboat” attacked the website of the Department of Defense and gained access […]
LinkedIn confirms hack, over 60% of stolen passwords already cracked LinkedIn, one of the most popular professional social engineering sites has confirmed a compromise of […]
A very interesting update on Flame, malware targeting Middle Eastern countries, from Alexander Gostev at Kaspersky today about Microsoft, the trusted certificate authority. Malware is a […]
Revealed: Hundreds of words to avoid using online if you don’t want the government spying on you This week, The Department of Homeland Security has […]
Not that it has been a quiet week in the web application security arena, it was simply a busy week. Microsoft’s SDL Expands Beyond Redmond […]
Hmmm Let’s see if I even remember how to enter this stuff anymore… Yeap you guessed it, we finally recorded another episode – WOOT! Show […]
WAF Wars WAF is more commonly used as an IDS rather than IPS. This is mainly due to the amount of alerts they generate when […]
Common User Passwords Profiler Interesting python script which when used in conjunction with information from social media i.e. Facebook, Twitter and Linkedin it can create […]
Insight to online black markets and how they work A short article that provides a brief look at how bitcoins and Tor make anonymous black […]
We released a new white paper today, Top 10 Business Logic Attack Vectors. Why did we write this paper? Business logic vulnerabilities are not new, […]
Decline in web application vulnerabilities? Interesting article and kind of funny. No responsibility is taken for the problem. One of the reasons for this disparity […]
We’re looking forward to our upcoming webinar with 451 Research Director, Wendy Nather next week on 5/2. Wendy and I will be discussing a trend […]
Using Reverse Proxies To Secure Databases This study provides a unique technique to protect against SQL Injection. However, it is not a foolproof solution […]
Another trends report for 2011 through Q1 2012 This report details the continued threat of vulnerabilities within web apps, mobile apps, and specific vulns with […]
An ebay Site is Vulnerable to SQL Injection The eBay site in Southeast Asia is vulnerable to SQL Injection. https://www.upsploit.com/index.php/advisories/view/UPS-2012-0003 Sites such as ebay have […]