Friday, March 28th, 2008
Last week's massive IFRAME injection attack is slowly turning into a what looks like a large scale web application vulnerabilities audit of high profile sites. Following the timely news coverage, Symantec's rating for the attack as medium risk, StopBadware commenting on XP Antivirus 2008, and US-CERT issuing a warning about ...
Posted in Coding, Internet, Privacy, Security | No Comments
Friday, March 28th, 2008
The purpose of this article is to help people without advanced computer knowledge to start white hacking and learn how to write more secure login web pages. When I started to learn about security, even though I searched really hard, I did not manage to find articles that would tell ...
Posted in Coding, Internet, Security, Software | No Comments
Thursday, March 27th, 2008
A couple of weeks ago, we received a CHM, or Windows Help file, embedded in e-mail as part of a targeted attack campaign against an NGO. Virus detection was near zero. On Virustotal.com, two solutions actually flagged it as malicious.
After decompiling the CHM file, which you can easily do using tools ...
Posted in Coding, Internet, Privacy, Security | No Comments
Thursday, March 27th, 2008
I have a quick update on where we are with Acid3. Since the test was officially announced recently, our Core developers have been hard at work fixing bugs and adding the missing standards support. Today we reached a 100% pass rate for the first time! There are some remaining issues ...
Posted in Coding, Internet, Windows | No Comments
Monday, March 24th, 2008
Exploit-Me is a suite of Firefox web application security testing tools. Exploit-Me tools are designed to be lightweight and easy to use. Instead of using a proxy like many web application testing tools, Exploit-Me integrates directly with Firefox. It currently consists of two tools, one for XSS and one for ...
Posted in Coding, Internet, Privacy, Security, Software | No Comments
