logo

importance

Category: vulnerabilities | Posted by Avatar Staff 293 days ago
Via: http://www.symantec.com | Tags: phishing attacks exploiting injection flaws importance application security comments Discuss  
As discussed in the past, cross site scripting (XSS) can be exploited by phishers to build really effective attacks. Today we have analyzed another similar attack that includes some enhanced features. The attack was exploiting an injection flaw in an Internet banking application, specifically located in the module used to display warning messages to users. The function took a single GET parameter: https://www.well-known-bank.com/popup.asp?msg=[ASCII_encoded_message_to_display] And then returned a page read more »
addto Add this link to... report Bury 
Category: news | Posted by Avatar Staff 249 days ago
Via: http://lists.jammed.com | Tags: isn importance updated comments Discuss  
http://www.linux-watch.com/news/NS5622797384.htmlBy Steven J. Vaughan-NicholsLinux WatchMarch 25, 2008Palamida, an open-source risk management company, believes in open source. But at the same time, its corporate code audits of more than 500 million lines of code has found time and again "specific open-source projects inside mission critical systems that had not been patched" with most recent updates.Part of the problem? Many companies are unclear both about what programs they're using, never min read more »
addto Add this link to... report Bury 
Category: news | Posted by Avatar Staff 16 days ago
Via: http://lists.jammed.com | Tags: isn importance x event monitoring process control systems comments Discuss  
From: InfoSec News <alerts_at_private>Date: Fri, 14 Nov 2008 05:50:59 -0600 (CST)http://www.controleng.com/blog/590000659/post/420036442.htmlBy Matt Luallen and Steve Hamburg of EncariNovember 12, 2008Well, I (Steve here) finally succumbed to my temptation and saw the blockbuster hit Eagle Eye. (http://www.eagleeyemovie.com/ and http://www.fandango.com/eagleeye_110111/movieoverview). I’ll do my best not to ruin this movie in the event that you have not yet seen it while trying to make the key point o read more »
addto Add this link to... report Bury 


Copyright 2005-2008 Best of Security