SEARCH RESULTS
 
Showing 1-7 of 7 records

Mr Bump has a problem with me being frustrated by loving customers

2008-06-14 00:26:46 by HASH0x8473090 in StillSecure, After All These Years
 
So my friend Mr Bump has a problem with my post on vendor frustrations with customers. For those who don't know Mr Bump, he writes about "NAC in the real world", originally about his deployment of Nevis Networks product. At first I thought Mr Bump was a pseudonym for Dom Wilde over at Nevis, but over time I actually like some of what Mr Bump...
 
 
 
 
 

Mr Bump has a problem with me being frustrated by loving customers

2008-06-14 01:10:08 by ashimmy in StillSecure, After All These Years
 
So my friend Mr Bump has a problem with my post on vendor frustrations with customers. For those who don't know Mr Bump, he writes about "NAC in the real world", originally about his deployment of Nevis Networks product. At first I thought Mr Bump was a pseudonym for Dom Wilde over at Nevis, but over time I actually like some of what Mr Bump...
 
 
 
 
 

1&1 Internet Customers Vulnerable to XSS

2007-12-30 21:15:23 by RSnake in ha.ckers.org web application security lab
 
John Smith sent me this link to a writeup on how customers who are hosted at 1&1 Internet are vulnerable to XSS. The technique is simple, but it comes from the way in which they present ads based on detection of a file not found. They pop up an iframe based on file name which you can jump out of pretty easily. Not so good. I'm not sure what...
 
 
 
 
 

SDL and Web 2.0

2008-02-28 22:26:00 by sdl in The Security Development Lifecycle
 
Hi everyone, Bryan Sullivan here. Unless you've been living in an ice cave on the polar cap for the last month, you've heard about Microsoft's proposed acquisition of Yahoo. George Hulme of InformationWeek wrote a very insightful column about the proposed acquisition and what it would mean for Yahoo's Web 2.0 properties. My favorite quote from this...
 
 
 
 
 

CIAC Tech Bulletin on XSS a valuable reference

2008-06-10 10:21:00 by Russ McRee in HolisticInfoSec.org
 
The only fault I could possibly find in the recently released CIAC Technical Bulletin, CIACTech08-003: Understanding Cross-Site Scripting (XSS), is that it should have been released a year ago or more. But rather than nitpick, I'd like to applaud. This is a fine effort, with a number of good resources cited. You'll find content on the types of...
 
 
 
 
 

Fake Porn Sites Serving Malware

2008-06-25 12:16:20 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
Ah, that RBN with its centralization mentality for the sake of ease of management and 99.999% uptime. In this very latest example of using malicious doorways redirecting to fake porn sites, consisting of over twenty different domains serving the usual Zlob malware variants, we have a decent abuse of a template for a porn site. The ease of...
 
 
 
 
 

Juniper switches - Where's the beef?

2008-02-01 07:34:50 by HASH0x8b4b924 in StillSecure, After All These Years
 
With Juniper's long-awaited release of their EX switch line, many have said that there is just nothing distinguishing about the line up. Just speeds and feeds. Others are saying that the real secret sauce is the JUNOS. That very well may be. However, Tim Greene in this article says that Juniper's built-in NAC may be Juniper's not-so-secret weapon....
 
 
 
 
 
 
 
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia