SecurityRatty: tag: web

Forgot your password? may be weakest link in web security

2008-08-27 13:27:57 by Editor in Digg / Security

Almost everyone forgets a Web site password once in a while. When you do, you click on the familiar Forgot your password? link. As an experiment, Thompson recently asked a few friends for permission to "hack" into their bank accounts. Using only information gathered from Web sites such as Facebook, he found his way in to each account within minutes

Tags: password, web site password, thompson recently, link, bank accounts, web sites, experiment, friends, hack

Judge lets privacy advocate keep Social Security numbers on Web site

2008-08-27 13:00:00 by Editor in Computerworld Security News

A federal judge ruled that the state of Virginia can't prosecute operators of Web sites that post Social Security numbers obtained legally from government Web sites

Tags: government web sites, web sites, federal judge ruled, post social security, prosecute operators, virginia

SDL and Web 2.0

2008-02-28 22:26:00 by sdl in The Security Development Lifecycle

...Web 2.0 properties. My favorite quote from this column (probably my favorite quote from anyones column so far this year): theres still much to do in the [software] industry to reach a level of truly sustainable computing. This is perhaps especially true in the nascent area of Web 2.0 development. Lets hope Microsoft brings its Trustworthy...

Tags: web, site, chriss web site, mashups, web mashups, site cookies, persistent cross-site, cookies, benefit anyones web

SCSU web server becomes spam server and exposes personal information

2008-05-02 11:12:47 by Evan Francen in The Breach Blog

...Web site had been used by hackers to flog fancy wedding rings, Southern Connecticut State University is notifying 11,000 current and former students that their Social Security numbers may have been compromised Reference URL SCSU Alert PCWorld NBC Channel 30 News Chronicle of Higher Education Report Credit Southern Connecticut State...

Tags: personal information, information, evan personal information, web server, personal information storage, university, university system, personal, university immediately

Notes from IEEE Web 2.0 Security and Privacy Workshop (W2SP2008)

2008-05-27 22:45:00 by Security Retentive in Security Retentive

...Web 2.0 Security and Privacy Workshop . I figured I'd learn a few things, and also make sure that no new exploits were announced against my employer, and/or make sure we weren't the only examples people gave of problems I was pretty successful on goal #1, not 100% successful on goal #2 This post is mostly brain dump of notes about the talks...

Tags: browser, browser security models, browser project, browser security model, security models, browser security, security, web, security challenges

Web 2.0 Security - The Beginning of the End or The End of the Beginning

2008-05-29 15:26:12 by Gunnar Peterson in 1 Raindrop

...Web 2.0 security. Granted when Web 1.0 was built out did not have the ability to use static analysis to find vulnerabilities, we didn't have good identity standards and so on. So are we at a new a beginning where new tools and mechanisms will save our bacon? Or will Web 2.0 herald some new some 21st century O'leary cow that burns it all to...

Tags: people, software security people, software security, software security team, security, security people, web, security support, architecture

Web 2.0 SecureD. DelivereD. :)

2007-10-13 09:29:44 by RaviC in Musings on Information Security

Web 2.0 has become a well accepted jargon in the current marketplace. It is a set of new web based technologies that enable building of on-line communities Web 2.0 is a democracy of user communities [thanks to Paul Graham for his definition]. Web 2.0 gives more power for the users to interact, customize, share and leverage The democratization of...

Tags: web, web based technologies, call web, upload personal information, personal information, security, users, security awareness education, ensure users

Monetizing Web Site Defacements

2008-06-13 11:54:20 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...web site defacements back in the old school days, is today's ongoing monetization of defaced web sites, a logical development given the consolidation between different underground parties, evidence of which can be seen in the majority of incidents I've been analyzing recently The Africa Middle Market Fund ' site is the latest example of a...

Tags: site, web site defacements, site helps webmasters, web site defacement, web sites, sites, traffic exchange, traffic, traffic suppliers

Are you using the latest web browser?

2008-07-16 13:24:00 by Panayiotis Mavrommatis in Google Online Security Blog

...web pages - with the intent to misuse them to launch drive-by download attacks - security researchers from ETH Zurich, Google, and IBM Internet Security Systems were interested in looking at the other side of the attack: the web browser. By analyzing the web browser versions seen in visits to Google websites, they have shown that more than...

Tags: browser, web browser, browser version, versions, secure versions, obsolete browser, web browser versions, web browser users, web

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo