Ingredients for a Successful Hack
XSS, Cookies, and Session ID Authentication
Cross site scripting (XSS) errors are generally considered nothing more than a nuisance — most people do not realize the inherent danger these types of bugs create. In this article Seth Fogie looks at a real life XSS attack and how it was used to bypass the authentication scheme of an online web application, leading to "shell" access to the web server.
Read the article HERE.
Cross-Site Scripting Flaws Abound
Brian Krebs at Security Fix - to whom we link quite often - has dedicated quite a bit of "ink" lately to covering the dangers of cross-site scripting flaws -- programming errors commonly found on commercial Web sites that phishers and online scam artists can use to trick users into giving away personal and financial data. Last month, we pointed to several such flaws on Web sites built by financial institutions.
Read the entire article HERE.
Cross site scripting (XSS) errors are generally considered nothing more than a nuisance — most people do not realize the inherent danger these types of bugs create. In this article Seth Fogie looks at a real life XSS attack and how it was used to bypass the authentication scheme of an online web application, leading to "shell" access to the web server.
Read the article HERE.
Cross-Site Scripting Flaws Abound
Brian Krebs at Security Fix - to whom we link quite often - has dedicated quite a bit of "ink" lately to covering the dangers of cross-site scripting flaws -- programming errors commonly found on commercial Web sites that phishers and online scam artists can use to trick users into giving away personal and financial data. Last month, we pointed to several such flaws on Web sites built by financial institutions.
Read the entire article HERE.
posted by vanish at 9:03 AM
0 Comments:
Post a Comment
<< Home