-
Sony PlayStation’s site SQL injected, redirecting to rogue security software
"The latest high trafficked web site to fall victim into the continuing waves of massive SQL injection attacks courtesy of Sony PlayStation's site SQL injected copycats and the ASProx botnet, is Sony's PlayStation U.S site according to a recent post at SophosLabs's blog" – ZDNet Article Link: http://blogs.zdnet.com/security/?p=1394
-
Firefox 2.0.0.15 Addresses Multiple Security Issues
Firefox 2.0.0.15 was released addressing the following security issues. MFSA 2008-33 Crash and remote code execution in block reflow MFSA 2008-32 Remote site run as local file via Windows URL shortcut MFSA 2008-31 Peer-trusted certs can use alt names to spoof MFSA 2008-30 File location URL in directory listings not escaped properly MFSA 2008-29 Faulty…
Favorite Links
- Security Templates (New)
- The Web Application Security Consortium
- QA Security
- The Web Security Mailing List
- Romain Gaucher’s Blog
- Jeremiah Grossman’s Blog
Popular Pages
WASC Threat Classification
- Abuse of Functionality
- Application Misconfiguration
- Brute Force Attack
- Content Spoofing
- Credential/Session Prediction
- Denial of Service
- Directory Indexing
- Information Leakage
- Remote File Inclusion Attack
- Routing Detour Attack
- SOAP Array Abuse
- XML Attribute Blowup
- XML Injection
- XML External Entity Attack