Sponsored White Papers, Webcasts, and Downloads
ZDNet Resources
- Mozilla tackles XSS vulnerabilities with new technology
- Mozilla tackles XSS vulnerabilities with new technologysounds kinda like SPF, but for JavaScriptVery cool!On another note, any idea's why Firefox doesn't take advantage of the Sandbox framework provided by Vista?Is it because of Vista's market share, to ease cross platform porting, or something else?It's JavaScript not Java ScriptSome purists might...
- Tags: Scripting languages, Web browsers, JavaScript, XSS Vulnerability, XSS, Mozilla Corp.
- Discussion threads 2009-06-22
- Google fixes critical XSS vulnerability
- Google fixes critical XSS vulnerabilityYour first sentence says what? ntntRe: Your first sentence says what?http://en.wikipedia.org/wiki/All_your_base_are_belong_to_us in the sense that they fixed it fast enough before someone could abuse it.Wow, really?We really need to get better at 'passing the torch' or all the old traditions will die. You never heard...
- Tags: XSS Vulnerability, XSS, Google Inc.
- Discussion threads 2008-11-12
Additional Resources
- Microsoft says Google Chrome Frame doubles IE attack surface
- Actually, it means that some of the browsing will be much safer by using Chrome. Notice that Microsoft's ONLY arguments here are bogus security arguments. They do not even try to deny that Chrome is much faster and better.RE: Microsoft says Google Chrome Frame doubles IE attack surfaceIf Google Chrome...
- Tags: Web browsers, Google Inc., Microsoft Internet Explorer, Chrome, Microsoft Corp., Web browser, plug-in
- Discussion threads 2009-09-24
- Two ActiveX vulnerabilities make IE a toxic choice
- Two ActiveX vulnerabilities make IE a toxic choiceDude, you are the man.I just posted this at Ed Botts article.http://talkback.zdnet.com/5208-12354-0.html?forumID=1&threadID=66708&messageID=1260493Next I hit HOME, and VOILA, see you have just posted what I've been complaining about. GOOD JOB !LOL, let me feed your click-bait[i]I used to be a big fan of IE,...
- Tags: Web browsers, Microsoft Internet Explorer, toxic choice, ActiveX, ActiveX vulnerability, Mozilla Firefox, vulnerability
- Discussion threads 2009-07-13
- Coming in July: Month of Twitter Bugs
- A well-known security researcher plans to use the month of July to expose serious vulnerabilities in the Twitter ecosystem. The Month of Twitter Bugs, a project which launches on July 1, is the handiwork of Aviv Raff left, a researcher known for his work on Web-based security...
- Tags: Vulnerability, Twitter, Aviv Raff, Web 2.0, Security, Internet, Ryan Naraine
- Blog posts 2009-06-15
- StrongWebmail CEO's mail account hacked via XSS
- A Webmail service that touts itself as hack-proof and offered $10,000 to anyone who could break into the CEO's e-mail has lost the challenge. A trio of hackers successfully compromised the e-mail using persistent cross-site scripting XSS vulnerability and are now claiming the bounty. ...
- Tags: XSS, CEO, E-mail, Online Communications, Ryan Naraine
- Blog posts 2009-06-04
- Mozilla: Firefox 3.5 RC1 ready to roll in 48 hours
- Mozilla: Firefox 3.5 RC1 ready to roll in 48 hoursFantastique!Hats off to the Mozilla Firefox Developer Team!RE: Mozilla: Firefox 3.5 RC1 ready to roll in 48 hoursIts about time. Given their current rate of things we won't see final release for another 4 months.Presumably, Firefox 3.5 RC1 will be much...
- Tags: Web browsers, Firefox 3.5 RC1, Firefox 3.5, Mozilla Firefox, Mozilla Corp.
- Discussion threads 2009-05-27
- Twitter API ripe for abuse by web worms
- A security researcher is warning that the Twitter API can be trivially abused by hackers to launch worm attacks. The red-hot social networking/microblogging service has been scrambling to plug cross-site scripting and other Web site vulnerabilities to thwart worm attacks but, as researcher Aviv Raff points out,...
- Tags: Web, API, Worm, Twitter, Twitpic, Cyberthreats, Viruses And Worms, Security, Ryan Naraine
- Blog posts 2009-05-26
- French hacker gains access to Twitter's admin panel
- UPDATE2: Twitter confirms the unauthorized access. UPDATE: The Twitter admin hack appears to be the result of a successful social engineering attack against one of Twitter's employees -- similar attack took place in January this year. Here's a retrospective of the events that took place. ...
- Tags: Hacker, Twitter, Attack, Hacking, Security, Dancho Danchev
- Blog posts 2009-04-30
- Five 'must-secure' Web app vulnerabilities
- Security holes in the Apache Geronimo Application Server and SAP cFolders headline a list of five serious Web app vulnerabilities that demand immediate attention. According to Mark Painter from the HP Security Laboratory, the Geronimo flaws expose users to a variety of attack vectors that could lead...
- Tags: Novell Inc., Apache Geronimo, Attacker, Vulnerability, XSS, Web Application, SAP AG, Attack, Authentication Credential, SAP cFolders SAP cFolders, CS Whois Lookup CS Whois Lookup, Security, Ryan Naraine
- Blog posts 2009-04-29
- Internet Explorer + Google Chrome = security problem
- Security problems surrounding protocol handling and Web browsers have surfaced again -- this time with Google Chrome and Microsoft's Internet Explorer. According to an advisory from the Google Chrome team, there's an error in handling URLs with the a chromehtml: protocol that could allow an attacker...
- Tags: Google Inc., Microsoft Internet Explorer, Google Chrome, Web Browsers, Security, Internet, Ryan Naraine
- Blog posts 2009-04-27
- Mozilla patches a dozen Firefox vulnerabilities
- Mozilla has shipped a refresh of its flagship Firefox browser to fix a dozen documented vulnerabilities that expose users to URL spoofing, cross-site scripting, code injection and code execution attacks. The most serious fix (MFSA 2009-14) covers four browser engine and JavaScript engine crashes where Mozilla's developers...
- Tags: Mozilla Firefox, Attacker, Vulnerability, Patch Management, Web Browser, Mozilla Corp., Memory Corruption, Web Browsers, Security, Internet, Ryan Naraine
- Blog posts 2009-04-22
- Twitter hit by multiple variants of XSS worm
- During the weekend and early Monday, at least four separate variants of the original StalkDaily.com XSS worm hit the popular micro-blogging site Twitter, automatically hijacking accounts and advertising the author's web site by posting tweets on behalf of the account holders, by exploiting cross site scripting flaws at the site....
- Tags: Flaw, XSS, Worm, Twitter, www.StalkDaily.com, Mikeyy XSS, Cyberthreats, Viruses And Worms, Security, Dancho Danchev
- Blog posts 2009-04-14
- Google downplays severity of Gmail CSRF flaw
- Yesterday, Vicente Aguilera Diaz from Internet Security Auditors released proof of concept of a CSRF (Cross-Site Request Forgery) vulnerability in Google's Gmail, which he originally communicated to Google two years ago. The CSRF flaw affects Gmail's "Change Password" function, since according to Diaz the session cookie is automatically sent by...
- Tags: Google Inc., Google Gmail, Password, Flaw, Vulnerability, XSS, CSRF Flaw, E-mail Providers, Cloud Computing, Security, Internet, Dancho Danchev
- Blog posts 2009-03-04
- The Perils of Cross-Site Scripting (XSS)
- Cross-site Scripting XSS attacks are universally seen as the #1 security vulnerability facing web applications. Don't wait another today to learn how protect the organization. The presenter of this webcast gives an overview on XSS (techniques, consequences and vulnerabilities and give real-world examples and offensive techniques aimed at short circuiting...
- Tags: XSS, Breach Security
- Webcasts 2009-01-01
- Acunetix Web Vulnerability Scanner 6.0.20081209 (Windows)
- Audit your website security with Acunetix Web Vulnerability Scanner Hackers are concentrating their efforts on attacking applications in your website: 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Web applications are accessible 24 hours a day, 7 days a week and control...
- Tags: Web, Scanner, Vulnerability, Web Application, Microsoft Windows, Web Site, Acunetix, Cloud Computing, Web Site Development, Security, Internet
- Software downloads 2008-12-17
- Hackers exploiting (unpatched) IE 7 flaw to launch drive-by attacks
- Hackers exploiting unpatched IE 7 flaw to launch drive-by attacksCmon Loverock, Comment On This One!That's right, you selectively avoid stories like this. If it's anti-Linux, you pounce right on it.IE7 is a joke.So this doesn't affect XP SP3 or Vista?[i]The Web attacks, first reported by Bob McMillan, takes aim...
- Tags: Web browsers, Microsoft Windows Vista (Longhorn), Microsoft Windows XP Service Pack 2, SECURITY, Microsoft Internet Explorer 7, Microsoft Internet Explorer, Microsoft Windows Vista, Microsoft Windows, exploit, Microsoft Windows XP
- Discussion threads 2008-12-09
- Google: no evidence of a Gmail vulnerability
- Following the speculations on the resurrection of what's thought to be an already fixed Gmail flaw which could assist in domain name hijackings, yesterday Google commented that their investigation indicated that the recent domain hijacks should be attributed to a phishing campaign, rather than to a Gmail flaw. The phishers...
- Tags: Google Inc., Google Gmail, Attacker, Vulnerability, Phishing, Cyberthreats, Spam, E-mail Providers, Security, Viruses And Worms, Spam And Phishing, Internet, Dancho Danchev
- Blog posts 2008-11-26
- News to know: Storm; AMD, Intel; Tech economy reels
- Here are today’s notable headlines. You can get News To Know via email alert and RSS daily: Josh Taylor: Verizon announces BlackBerry Storm availability, pricing Larry Dignan: AMD unveils ‘Shanghai’; Aims to better compete with Intel AMD: Does the resurrection start...
- Tags: Apple iPhone, Best Buy Co. Inc., Larry Dignan, Microsoft Windows 7, Nokia Corp., Shanghai, RIM BlackBerry, Microsoft Corp., Advanced Micro Devices Inc., Intel Corp., Microsoft Windows, Operating Systems, Handhelds, Software, Hardware
- Blog posts 2008-11-13
- Firefox security makeover: 11 vulnerabilities, 4 critical
- Â Mozilla has released a new version of its flagship Firefox browser to fix a total of 11 vulnerabilities that expose users to code execution, information stealing or denial-of-service attacks. Four of the 11 flaws covered with the new Firefox 3.0.4 are rated "critical" because of the risk...
- Tags: Mozilla Firefox, Vulnerability, JavaScript, Web Browser, Mozilla Corp., Web Browsers, Security, Internet, Ryan Naraine
- Blog posts 2008-11-12
- << Previous
- page 1 of 1
- Next >>
White Papers and Webcasts
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
Read about top issues IT decision-makers face every day, plus get cost-effective solutions to real-life IT problems.
