The HP Security laboratory
Browse by Tags
All Tags
»
XSS
Ajax
conferences
hacked
iPhone
JavaScript
phishing
Safari
XSS+phishing in Italian bank hack
10 January 08 11:43 AM
|
Billy
|
1 Comments
Netcraft is reporting today about a phishing attack leveraging XSS against an Italian bank. From the article (emphasis mine) An extremely convincing phishing attack is using a cross-site scripting vulnerability on an Italian Bank's own website to
Read More...
SPI Labs advises avoiding iPhone feature
16 July 07 03:40 PM
|
Billy
|
18 Comments
The Apple iPhone’s Safari web browser has a special feature that allows the user to dial any phone number displayed on a web page simply by tapping the number. SPI Labs has discovered that this feature can be exploited by attackers to perform various
Read More...
Speaking at Shmoo
22 March 07 05:05 PM
|
Billy
|
5 Comments
I’m really excited to be speaking at Shmoocon again and especially excited about my presentation this Saturday at 1pm. Javascript Malware for a Gray Goo Tomorrow focuses on the increased scope of damage caused by Cross-Site Scripting (XSS) vulnerabilities
Read More...
Search
Go
This Blog
Home
Email
Tags
Ajax
Ajax Security Book
AJAXWorld
ASP.NET
book
Bookmark
conferences
Firefox
hacked
IE
information disclosure
input validation
iPhone
JavaScript
Jikto
JSON
malware
Mozilla Rhino
Password Security
phishing
Privacy
product comparison
Safari
security
Shmoocon
testing methodology
webcast
worm
XSS
XSS Ajax
Navigation
Home
Blogs
Forums
Photos
Downloads
Archives
January 2008 (1)
December 2007 (2)
November 2007 (5)
October 2007 (1)
August 2007 (2)
July 2007 (2)
April 2007 (1)
March 2007 (1)
January 2007 (2)
December 2006 (1)
November 2006 (1)
October 2006 (2)
July 2006 (4)
June 2006 (5)
May 2006 (1)
April 2006 (2)
Syndication
RSS 2.0
Atom 1.0