
Category Archive for 'Web Application'

Security training is very important for any organization. When developing a training program, do not forget about the security staff. I am all for sending people to SANS and other companies’ security courses. Once your people come back, how will they practice what they have learned? Hopefully, every day at work does not involve tracking inventive [...]

Happiness abandoned Twitter this week as it was revealed that an 18-year-old was able to use an automated password-guesser to break into an account. Twitter allowed for an unlimited number of log-in attempts. The hacker used a simple dictionary attack that revealed at 11:00am Monday the password of “happiness.” Once the hacker [...]

Robert “RSnake” Hansen and Jeremiah Grossman were to present at OWASP AppSec NY 2008. Unfortunately, their presentation involving clickjacking was effectively canceled at the request of the vendor Adobe. In addition to Adobe, RSnake and Grossman have discussed the vulnerability with Microsoft and Mozilla. OWASP ended up having a clickjacking 20-Questions session [...]
