SEARCH RESULTS
 
Showing 1-10 of 836 records
 
Expand article

New Cross-Site Request Forgery Attacks

2008-10-06 05:42:04 by schneier in Schneier on Security
 
...site allows an authenticated user to perform a sensitive action but does not verify that the user herself is invoking that action. The key to understanding CSRF attacks is to recognize that websites typically don't verify that a request came from an authorized user. Instead they verify only that the request came from the browser of an...
 
Tags: attacks, user, cross-site, site, user visits, csrf attacks, sensitive action, action, site completely
 
 
 
 
Expand article

House committee issues report and finds fault with TSA web site

The Article has images
2008-01-15 09:35:53 by Evan Francen in The Breach Blog
...site between October 6, 2006 and February 13, 2007 Number Affected thousands Types of Data Name, Social Security number, birth date, birth place, sex, height, weight, hair color, eye color, address, and home and work telephone number Breach Description According to the January, 2008 United States House of Representatives Committee on...
 
Tags: tsa, website, website contract, traveler redress website, tsa moved quickly, security breach, information security breach, security vulnerabilities, multiple security vulnerabilities
 
 
 
 
Expand article

Passport Canada web site suffers serious breach

The Article has images
2007-12-05 11:51:09 by Evan Francen in The Breach Blog
...site. Passport Canada officials confirmed the security flaw and breach on Tuesday, December 4th Reference URL Reuters Canada News Story 680News.com News Story The Globe and Mail News Story The Register News Story (UK - Good commentary Report Credit Kenyon Wallace, Globe and Mail (CA Response From the sources cited above A security flaw in...
 
Tags: passport canada, information, personal information, passport application information, application, breach, passport application site, passport canada spokesman, significant security breaches
 
 
 
 
Expand article

Monetizing Web Site Defacements

The Article has images
2008-06-13 11:54:20 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...site defacements back in the old school days, is today's ongoing monetization of defaced web sites, a logical development given the consolidation between different underground parties, evidence of which can be seen in the majority of incidents I've been analyzing recently The Africa Middle Market Fund ' site is the latest example of a web...
 
Tags: site, web site defacements, site helps webmasters, web site defacement, web sites, sites, traffic exchange, traffic, traffic suppliers
 
 
 
 
Expand article

McAfee's Site Advisor Blocking n.runs AG - "for starters"

The Article has images
2008-08-04 09:42:49 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...site Excluding the conspiracy theories, a false positive when your solution is integrated in the second most popular search engine is bad, especially when other automated crawling approaches are successfully detecting the site as a non-malicious one. How come? It's all a matter of how you define malicious activity, and what exactly are you...
 
Tags: site, site advisor, org due, org, dangerous site, specific site, malicious, harmful sites, sites
 
 
 
 
Expand article

Anti-Malware Vendor's Site Serving Malware

The Article has images
2008-02-12 20:31:18 by HASH0x8b333c4 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...site even bigger, the irony is perhaps what truly matters in the situation. Some press coverage - Hackers Turn Antivirus Site Into Virus Spreader ; Antivirus company's Web site downloads ... a virus ; Hackers seed malware on Indian anti-virus site Hackers planted malicious script on the site of an Indian anti-virus firm this week. The...
 
Tags: site, virut virus, virus, indian anti-virus site, malware, web site downloads, antivirus site, hackers, hackers seed malware
 
 
 
 
Expand article

Web Site: Security and Trust

The Article has images
2007-01-18 07:10:00 by RaviC in Musings on Information Security
...site that is accessible securely through https can be trusted. This is not true. Not all the sites that use https can be trusted. Nothing can stop fraudsters from setting up a https web site. Though https offers security it does not offer trust. Trust is a choice that the user has to make consciously. Here are some tips that help you to...
 
Tags: web site, https, https web site, trust, offer trust, web site belongs, https url, https offers security, ensure
 
 
 
 
Expand article

Irish jobs site compromised and personal information accessed

The Article has images
2008-03-31 10:13:21 by Evan Francen in The Breach Blog
...site Jobs.ie late on Thursday 27 March, when what the company described as a small number of CVs were illegally downloaded by a third-party that hacked the site and gained access to the database Reference URL Jobs.ie Important Notice SiliconRepublic The Irish Times ElectricNews.net Ltd Report Credit Jobs.ie Response From the online sources...
 
Tags: jobs, information, personal information, job-seekers site jobs, site, identity, identity theft, breach description, breach
 
 
 
 
Expand article

Another Site Hiding Pirate Movies Behind a Zango Installer Prompt

The Article has images
2008-08-15 07:44:39 by Christopher Boyd in SpywareGuide Greynets Blog
...site asking you to install Zango before you could view the site content (which happens to be pirated movies ). Well, another site has come to light doing a similar thing - I'm starting to wonder how many of these are actually out there. It's also served to highlight what I feel is a particularly confusing popup box, but we'll get to that...
 
Tags: site, zango, site content, zango installer box, click, movies, individual, cancel, install zango