-
Cross Site Scripting Flaw Exploited in Paypal
"The scam works quite convincingly, by tricking users into accessing a URL hosted on the genuine PayPal web site. The URL uses SSL to encrypt information transmitted to and from the site, and a valid 256-bit SSL certificate is presented to confirm that the site does indeed belong to PayPal; however, some of the content…
-
JavaScript worm targets Yahoo!
"A JavaScript worm that takes advantage of an unpatched vulnerability in Yahoo!'s webmail service has been discovered on the net. The JS-Yamanner worm spreads when a Windows user accesses Yahoo! Mail to open an email sent by the worm. The attack works because of a vulnerability in Yahoo! Mail that enables scripts embedded within HTML…
-
Web App Hack Incidents Are Up As Businesses Take Cover
"Web site hacks are on the rise and pose a greater threat than the broad-based network attacks that have been giving IT departments fits. Whereas attacks against networks disrupt Internet service and negatively impact companies trying to do business over the Web or private networks, attacks against Web applications threaten to steal critical customer, employee,…
-
Another reason not to live in Ohio
"An 18 year-old boy was recently arrested in Ohio for telling fellow students to refresh the schools web page in order to slow down the server. He is being charged with a felony and is currently being held in jail. According to Canton City Prosecutor Frank Forchione 'This new technology has created a whole wave…
-
Trojan Horse Program Targetting Adsense
Apparently people are uploading malware to users computers in order to modify ads displayed on websites they visit with their own ad. "Techshout.com reports that a new, deceptive Trojan Horse program has surfaced. The program is engineered to produce fake Google ads that are formatted to look like legitimate ones. The ads are incorporated in…
-
More than 450 Phishing Attacks Used SSL in 2005
Netcraft has published some statistics about phishing on their site. "In its first year, the Netcraft Toolbar Community has identified more than 450 confirmed phishing URLs using "https" urls to present a secure connection using the Secure Sockets Layer (SSL). The number of phishing attacks using SSL is significant for several reasons. Anti-phishing education initiatives…
-
Yahoo Cross Site Scripting Vulnerability Discovered
A posting to the Full Disclosure mailing list claims an unpatched Cross Site Scripting vulnerability in Yahoo!'s mail with example script code. Quoting the author "i didnt contact yahoo, because i contacted them previously regarding a similar vulnerability, and yes they fixed it "silently" without even sending me a thank you email, frankly i didnt…
-
“2005 The Year of Phishing”
Phishing has exploded in 2005 so I've decided to dedicate a section of this site towards it. I have created a Phishing resource page providing a list of tools, news articles, whitepapers, and solutions to phishing. If there is a resource that I've missed please let me know. Phishing Link: Phishing HomePage
-
PHP Worm in the Wild
"Virus writers have created a Linux worm which uses a recently discovered vulnerability in XML-RPC for PHP, a popular open source component used in many applications, to attack vulnerable systems." – The Register Article Link http://www.theregister.co.uk/2005/11/07/linux_worm/
-
Securityfocus.com Defaced
Securityfocus home of bugtraq and other importantsecurity mailing lists was defaced today by theattacker known as "Fluffi Bunni". This is probablythe best known security site on the net and proofanything can be breached if one spends enough time.According to defaced.alldas.de the advertising companywas defaced and fed the image to securityfocusalthough no public statement has been…
-
Code Red Part 3: Backdooring your IIS machine
Yet another variant of Code Red worm has comeout that not only exploits you but backdoorsyour webserver. It creates a file called root.exewhich is really a copy of your cmd.exe file. Thiswill allow a attacker to execute commands on your machine with complete control. This can also allowpeople to commit large scale ddos attacks with…
-
The Worm that won’t die
Well as everyone knows Code Red Worm is one busy worm.It seems to be so busy in fact that it managed to thissite over 40 times in less then 2 days. Originally we gothit roughly 30 times. Proof enough you need to keep your systems patched and up to date. This worm can be reddenedby…
-
Sans.org Defaced!
A very well known computer security websiteand training center has been defaced. The defacer known as "Fluffi Bunni" is well knownfor attacks against apache.org, sourceforge,and exodus to name a few.You can read more about his past attacks inthe old news section of this site.Sans.org Mirror listed belowSans.org Defaced
Favorite Links
- Security Templates (New)
- The Web Application Security Consortium
- QA Security
- The Web Security Mailing List
- Romain Gaucher’s Blog
- Jeremiah Grossman’s Blog
Popular Pages
WASC Threat Classification
- Abuse of Functionality
- Application Misconfiguration
- Brute Force Attack
- Content Spoofing
- Credential/Session Prediction
- Denial of Service
- Directory Indexing
- Information Leakage
- Remote File Inclusion Attack
- Routing Detour Attack
- SOAP Array Abuse
- XML Attribute Blowup
- XML Injection
- XML External Entity Attack