Wednesday, June 15th, 2011 Google has released a list of security features being built into the upcoming Chrome 13 and includes Content Security Policy (CSP) and HTTP Strict Transport Security (HSTS) implementations, certificate pinning and self-XSS filter.The Content Security Policy (CSP) is a specification developed by Mozilla which aimed at providing a solution for ...
Posted in Internet, Privacy, Security | No Comments
Saturday, January 29th, 2011 Microsoft is investigating new public reports of a vulnerability in all supported editions of Microsoft Windows. The vulnerability could allow an attacker to cause a victim to run malicious scripts when visiting various Web sites, resulting in information disclosure. This impact is similar to server-side cross-site scripting (XSS) vulnerabilities. Microsoft ...
Posted in Internet, Privacy, Security, Windows | No Comments
Thursday, October 1st, 2009 Mozilla on Wednesday posted preview builds of its Firefox browser with security enhancements designed to mitigate the risk of certain Web attacks.In a blog post, Brandon Sterne, security program manager for Mozilla, asks security researchers and server administrators to help test the changes by downloading a build appropriate for their ...
Posted in Internet, Privacy, Security | No Comments
Tuesday, June 23rd, 2009 For several years, Cross-Site Scripting (XSS) attacks have plagued many of the web’s most popular sites and victimized their users. At Mozilla, we’ve been working for the last year on a new technology called Content Security Policy, designed to shut these attacks down. We wanted to give a bit of ...
Posted in Coding, Internet, Security | No Comments
Thursday, June 18th, 2009 Researchers have built a tool that automatically finds and exploits SQL injection and cross-site scripting vulnerabilities in Web applications.The so-called Ardilla tool uses a technique developed by the researchers -- MIT's Adam Kiezun, the University of Washington's Michael Ernst, Stanford's Philip Guo, and Syracuse University's Karthick Jayaraman -- that creates ...
Posted in Coding, Internet, PHP, Security, Software | No Comments
