SecurityRatty: tag: web-application

Forgot your password? may be weakest link in web security

2008-08-27 13:27:57 by Editor in Digg / Security

Almost everyone forgets a Web site password once in a while. When you do, you click on the familiar Forgot your password? link. As an experiment, Thompson recently asked a few friends for permission to "hack" into their bank accounts. Using only information gathered from Web sites such as Facebook, he found his way in to each account within minutes

Tags: password, web site password, thompson recently, link, bank accounts, web sites, experiment, friends, hack

Judge lets privacy advocate keep Social Security numbers on Web site

2008-08-27 13:00:00 by Editor in Computerworld Security News

A federal judge ruled that the state of Virginia can't prosecute operators of Web sites that post Social Security numbers obtained legally from government Web sites

Tags: government web sites, web sites, federal judge ruled, post social security, prosecute operators, virginia

Monetizing Web Site Defacements

2008-06-13 11:54:20 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

What used to be a harmless web site defacements back in the old school days, is today's ongoing monetization of defaced web sites, a logical development given the consolidation between different underground parties, evidence of which can be seen in the majority of incidents I've been analyzing recently The Africa Middle Market Fund ' site is...

Tags: site, web site defacements, site helps webmasters, web site defacement, web sites, sites, traffic exchange, traffic, traffic suppliers

Are you using the latest web browser?

2008-07-16 13:24:00 by Panayiotis Mavrommatis in Google Online Security Blog

Written by Thomas Duebendorfer In view of mass defacements of hundreds of thousand of web pages - with the intent to misuse them to launch drive-by download attacks - security researchers from ETH Zurich, Google, and IBM Internet Security Systems were interested in looking at the other side of the attack: the web browser. By analyzing the web...

Tags: browser, web browser, browser version, versions, secure versions, obsolete browser, web browser versions, web browser users, web

NAPA Shows How the Government is Using Web 2.0

2008-07-16 20:45:37 by Julia Lim in ScienceLogic

Back in April, we attended a session at the FOSE conference that highlighted Web 2.0 usage in the public sector . We also found through a survey of government workers that 65% of government IT workers surveyed said that Web 2.0 tools are important to their operations. The overall message was that all IT, government included, have too many...

Tags: web, government, web page, government web, collaboration, mass collaboration, collaboration project seeks, government employees, enhance government transparency

Web Server Software and Malware

2007-06-05 09:30:00 by Niels Provos in Google Online Security Blog

Posted by Nagendra Modadugu, Anti-Malware Team In this post, we investigate the distribution of web server software to provide insight into how server software is correlated to servers hosting malware binaries or engaging in drive-by-downloads We determine server operating system by examining the 'Server:' HTTP header reported by most web...

Tags: servers serve malware, servers, apache servers, malicious servers, web server software, server software, web servers, microsoft iis, microsoft iis features

Web Site: Security and Trust

2007-01-18 07:10:00 by RaviC in Musings on Information Security

Many of us have this notion that a web site that is accessible securely through https can be trusted. This is not true. Not all the sites that use https can be trusted. Nothing can stop fraudsters from setting up a https web site. Though https offers security it does not offer trust. Trust is a choice that the user has to make consciously. Here...

Tags: web site, https, https web site, trust, offer trust, web site belongs, https url, https offers security, ensure

Excel Spreadsheet on the web exposes Army officers and civilians

2008-04-13 20:23:28 by Evan Francen in The Breach Blog

Technorati Tag: Security Breach Date Reported 4/4/08 Organization United States Army Contractor/Consultant/Branch United States Army Acquisition Support Center ("USAASC Victims Colonels and civilians who managed programs within ASC Number Affected about two dozen Types of Data name, rank, program and organization" and Social Security...

Tags: web, personal information remains, personal information, army, usaascs web site, information, spreadsheet, usaasc response, usaasc

Web 2.0 Privacy and Security Workshop - Papers Released

2008-05-26 08:23:01 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

Last week, the 2008's W2Sp workshop held in Oakland, California and sponsored by the IEEE Symposium on Security and Privacy , made available all the papers from the workshop, including catchy titles such as input type="password" must die Web Authentication by Email Address Beware of Finer-Grained Origins On the Design of a Web Browser: Lessons...

Tags: privacy, workshop, privacy protection, privacy propagation, social networks, social, w2sp workshop held, social web, ubiquitous web services

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo