Redirect flaw on .gov sites leaves open door for phishers
At least 20,000 users have fallen victim to a spam campaign that uses shortened links to legitimate government sites to carry out a hoax. In the scams, users receive emails containing “1.usa.gov” short links and are redirected twice upon clicking — first, immediately past a legitimate government site, then, to websites that looks like a CNBC news articles touting “$4,000 a month” home-based business opportunities. NTOSpider reports on external resources shows how many external URL your application is pointing to. Scan your application with NTOSpider to find all possible vulnerabilities in the application –
FireHost Q3 Web Application Report — XSS Attacks Lead Pack As Most Frequent Attack Type
Cloud hosting company, FireHost, has announced the findings of its latest web application attack report which provides statistical analysis of the 15 million cyber-attacks blocked by its servers in the US and Europe during Q3 2012. The report looks at attacks from web applications, databases and websites of FireHost’s customers between July and September and offers an impression of the current internet security climate as a whole. The top 4 attacks that come out of the reports are Cross-site Scripting (XSS), Directory Traversal, SQL Injection, and Cross-site Request Forgery (CSRF). One of the most significant changes in attack traffic seen by FireHost between Q2 and Q3 2012 was a considerable rise in the number of cross-site attacks, in particular XSS and CSRF attacks rose to represent 64% of the group in the third quarter (a 28% increased penetration). XSS is now the most common attack type in the Superfecta, with CSRF now in second. FireHost’s servers blocked more than one million XSS attacks during this period alone, a figure which rose 69%, from 603,016 separate attacks in Q2 to 1,018,817 in Q3. CSRF attacks reached second place on the Superfecta at 843,517. Test your application with NTOSpider to find possible vulnerabilities in your application –
Adobe Pushes Security Updates For Shockwave Player
Adobe updated Adobe Shockwave Player 188.8.131.527 and earlier versions on Windows and Mac OS X to close vulnerabilities that could allow an attacker to run malicious code on the affected system. The patch fixed five buffer overflow vulnerabilities and an array out of bounds vulnerability in the software. Adobe generally does not provide a lot of information in its bulletins about the vulnerabilities beyond CVE numbers (CVE-2012-4172, CVE-2012-4173, CVE-2012-4174, CVE-2012-4175, CVE-2012-4176, CVE-2012-5273).
snuck – Another tool to automate XSS Filter bypass
snuck is an automated tool that may definitely help in finding XSS vulnerabilities in web applications. It is based on Selenium and supports Mozilla Firefox, Google Chrome and Internet Explorer. The approach, it adopts, is based on the inspection of the injection’s reflection context and relies on a set of specialized and obfuscated attack vectors for filter evasion. In addition, XSS testing is performed in-browser, a real web browser is driven for reproducing the attacker’s behavior and possibly the victim’s.
Andriod Developers – How Much Can We Trust?
A team of German academics have published a very detailed paper about web security on the Andriod platform. The paper is titled, Why Eve and Mallory Love Android: An Analysis of Android SSL (In)Security and can be found at http://www2.dcsec.uni-hannover.de/files/android/p50-fahl.pdf.
The paper is well worth the read for a much better description of their study. To summarize some of the findings. The authors downloaded 13,500 apps from the Google Play store, those with top download counts. Then they looked at apps that use HTTPS. Of those, 790 apps implemented SSL but would accept any certificate. 284 of the apps would accept a certificate is if was signed by any approved CA but did not take into consideration of the site it was issued for. Another noted problem with certificate acceptance, is that the apps generally provided no visual indication that SSL was being used.
All in all, the cumulative install base of confirmed vulnerable apps within this 13,500 sample lies between 39.5 and 185 million devices. Take the time to read the paper in it’s entirety.