Browser Rider is a hacking framework to build payloads that exploit the browser. The project aims to provide a powerful, simple and flexible interface to any client side exploit. Browser Rider is not a new concept. Similar tools such as BeEF or Backframe exploited the same concept. However most of the other existing tools […]
web-security
Web Application Security Statistics for 2008
Purpose: The Web Application Security Consortium (WASC) is pleased to announce the WASC Web Application Security Statistics Project 2007. This initiative is a collaborative industry-wide effort to pool together sanitized website vulnerability data and to gain a better understanding about the web application vulnerability landscape. We ascertain which classes of attacks are the […]
CSRF Vulnerability in Twitter Allows Forced Following
I did mention this earlier in the week when I was talking about Twitter being used as a malware distribution platform; there also seems to be an auto follow vulnerability that spammers would love. Do you remember Myspace and samy with 900,000 friends? Now we have johng77536 on Twitter! Last week, TechCrunch’s Jason Kincaid […]
Twitter Targeted by Malware Distributors
This one is of interest to me as I do actually use Twitter as a microblogging service and to keep up with what various friends are up to. It’s quite an interesting web app, especially paired with something like Twitterfox in your browser and Twibble in your mobile phone. It must have made it […]
Widespread Flaws in Online Banking Systems
A recent survey shows online banking may not be as secure as you might think. People tend to think banks are the pinnacle of security and that assumption continues to their websites. Sadly however, even in my own personal experience, the truth is far from that. Many, many banks have flaws that […]