SEARCH RESULTS
 
Showing 1-6 of 6 records
1
 
Expand article

PayPal takes a bite out of Apple

The Article has images
2008-02-28 10:11:00 by Mike Rothman in Security Mike's Blog
...NoScript . I've mentioned that plug-in before, but until it is ported to (or that capability included in) the other browsers, I'm not going anywhere. It's that important So yes, Safari is missing some stuff. Like no built-in phishing filter or support for extended validation SSL certificates. I find the former to be a much bigger issue than...
 
Tags: chief security officer, safari browser, security, safari, secure, secure fashion, networkworld article, mac, photo credit
 
 
 
 
Expand article

Distributing Malware Through Trusted Websites

2008-09-15 20:14:01 by Chris Eng in Zero in a bit
 
...NoScript would have thwarted the attack because it wouldnt permit the .js file to be loaded from an off-domain location. But what happens when the attackers start injecting the entire .js payload into the database instead of just a tag? Now the malicious code is coming from the trusted domain, and if Ive configured NoScript to allow scripts...
 
Tags: content, content-rich site, host malicious content, sites content, sites, append malicious content, websites, businessweek, sql injection vulnerabilities
 
 
 
 
Expand article

Diminutive XSS Worm Contest Drama and Status Update

2008-01-06 17:34:38 by RSnake in ha.ckers.org web application security lab
 
...noscript plugin) chipped in to help the contest. People like him are solving the problem in their own ways as well. Its in everyones best interest to understand all the vectors. Will this empower bad guys? Id be nieve to say theres no chance of that. However, the goal here is to understand why the propagation methods were chosen so we can...
 
Tags: browser companies, browser, browser security arena, code, people visit, people, worm code, diminutive xss worm, xss worm
 
 
 
 
Expand article

Malware Attack Exploiting Flash Zero Day Vulnerability

The Article has images
2008-05-27 17:33:43 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...NoScript for Firefox, to explicitly allow SWFs to run only on trusted sites The Internet Storm Center also made an announcement and assessed a malware domain that was using the exploits in this case play0nlnie.com (125.46.104.172), next to Adobe's Product Security Inci dent Response Team (PSIRT) original announcement of the vulnerability....
 
Tags: flash, malware, macromedia flash content, flash content, sample flash file, adobe flash player, adobe, participation domains, domains
 
 
 
 
Expand article

CIAC Tech Bulletin on XSS a valuable reference

2008-06-10 10:21:00 by Russ McRee in HolisticInfoSec.org
 
...NoScript This is a great starting point for enlightening vendors, developers, and IT folk who may not be as up to speed as you might like on the concerns caused by XSS vulnerabilities Given the fact that stories continue to surface on the shortcomings of major security vendors , and their utter lack of diligence with regard to XSS, as well as...
 
Tags: ciac, xss, vendors, xss vulnerabilities, ciac technical bulletin, major security vendors, stories continue, content, fine effort
 
 
 
 
Expand article

Safari For Windows Vulnerabilities

2008-06-20 18:36:54 by Dave Lewis in Liquidmatrix Security Digest
 
This one came out early this morning From Secunia Description Some vulnerabilities and a security issue have been reported in Apple Safari, which can be exploited by malicious people to disclose sensitive information or to compromise a users system 1) A boundary error within the handling of BMP and GIF images can be exploited to trigger an...
 
Tags: safari, sites zone, zone, internet explorer, apple safari, sites, vulnerabilities, memory corruption, disclose sensitive information
 
 
 
 
 
Showing 1-6 of 6 records
1
 
TOP SEARCH
Expand / MinimizeClose Widget
  •  
RECENT SEARCH
Expand / Minimize
  •  
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia