SEARCH RESULTS
 
Showing 1-10 of 82 records
 
Expand article

Automating web application security testing

2007-07-16 11:40:00 by Panayiotis Mavrommatis in Google Online Security Blog
 
...Commonly exploited in a web application where one user enters information that's viewed by another user. An attacker can inject malicious scripts that are executed in the context of the victim's session. The exploit is triggered when a victim visits the website at some point in the future, such as through improperly sanitized blog comments...
 
Tags: web application, application, input, input parameters, accepts user input, xss, xss vulnerabilities, security, security team check
 
 
 
 
Expand article

The top 10 spam characteristics (#1-5)

2006-10-03 04:13:56 by Administrator in Email security & compliance blog
 
...commonly found characteristics in current spam mails. Last week we saw the top spam characteristics in position #10 to #6. Today we are counting down to the #1 spam characteristic, the characteristic that Red Earth Software has found to be the most common in todays spam messages 5. From: and Reply To: address are different : This is a common...
 
Tags: spam, spam characteristics, top spam characteristics, spam characteristic, spam mails, avoid spam messages, html comment tags, comment tags, flag spam correctly
 
 
 
 
Expand article

On Security & Risk Management Innovation

2008-11-12 14:23:30 by Alex in RiskAnalys.is
 
...commonly available toolset But while the resources part of TCap is time & materials (money) - the skills are really more than just the toolset. Skills would include the ability of the attacker to be creative and innovative. As an example of that innovation from those PenTesting days - when we got a high effort request, we would always try to...
 
Tags: innovation, process, process innovation, call technology innovation, technology innovation, security, risk, risk management, attackers skills
 
 
 
 
Expand article

Automating web application security testing

2007-07-16 11:40:00 by Panayiotis Mavrommatis in Google Online Security Blog
 
...Commonly exploited in a web application where one user enters information that's viewed by another user. An attacker can inject malicious scripts that are executed in the context of the victim's session. The exploit is triggered when a victim visits the website at some point in the future, such as through improperly sanitized blog comments...
 
Tags: web application, application, input, input parameters, accepts user input, xss, xss vulnerabilities, security, security team check
 
 
 
 
Expand article

Announcing "Browser Security Handbook"

2008-12-10 14:54:00 by Niels Provos in Google Online Security Blog
 
...commonly installed browser extensions. If not accounted for, these differences can lead to trouble In hopes of helping to make the Web a safer place, we decided to release our Browser Security Handbook to the general public. This 60-page document provides a comprehensive comparison of a broad set of security features and characteristics in...
 
Tags: security, browser, security researchers, security features, browser security mechanisms, mechanisms, browser security handbook, handbook, browser extensions
 
 
 
 
Expand article

Automating web application security testing

2007-07-16 11:40:00 by Panayiotis Mavrommatis in Google Online Security Blog
 
...Commonly exploited in a web application where one user enters information that's viewed by another user. An attacker can inject malicious scripts that are executed in the context of the victim's session. The exploit is triggered when a victim visits the website at some point in the future, such as through improperly sanitized blog comments...
 
Tags: web application, application, input, input parameters, accepts user input, xss, xss vulnerabilities, security, security team check
 
 
 
 
Expand article

Announcing "Browser Security Handbook"

2008-12-10 14:54:00 by Niels Provos in Google Online Security Blog
 
...commonly installed browser extensions. If not accounted for, these differences can lead to trouble In hopes of helping to make the Web a safer place, we decided to release our Browser Security Handbook to the general public. This 60-page document provides a comprehensive comparison of a broad set of security features and characteristics in...
 
Tags: security, browser, security researchers, security features, browser security mechanisms, mechanisms, browser security handbook, handbook, browser extensions
 
 
 
 
Expand article

Quantitative Analysis = "Highly" Technical Analysis (?)

2007-02-07 09:34:00 by Jomni in Risk Management Quant
 
...commonly described as Charting . It is the study of charts (graphical representation of past price movements) and finding patterns in them. Investment decisions are then based on these patterns. People say this is superstition as price moves randomly and just forms these patterns by chance. Technical analysis also utilize quantitative...
 
Tags: technical, technical analysis, quantitative analysis, quantitative, technical indicators, indicators, survey results, results, reversal models
 
 
 
 
Expand article

Web Server Software and Malware

The Article has images
2007-06-05 09:30:00 by Niels Provos in Google Online Security Blog
...commonly seen ADODB.Stream exploit is not available to pirated copies of Windows operating systems Overall, we see a mix of results. In Germany, for instance, Apache is more likely to be serving malware than Microsoft IIS, compared to the overall distributions of these servers. In Asia, we see the reverse, which is part of the cause of...
 
Tags: servers serve malware, servers, apache servers, malicious servers, web server software, server software, web servers, microsoft iis, microsoft iis features