The Snare Of Unauthorized Requests

Monday, April 21st, 2008

Almost everyone knows what CSRF or better unauthorized requests are. I never really embraced CSRF as the correct term for unauthorized request issues, because the term is outdated and inadequate to contemporary hacking. For me, an unauthorized request is the layer or automation of a hacking procedure without direct interference ...

Firefox Released

Wednesday, April 16th, 2008

For those of you who are not trying out a BETA version of Firefox 3, version has been released and can be downloaded from here.

Tracking down Firefox plug-ins

Monday, April 14th, 2008

My last posting was about upgrading the Adobe Flash Player, a Web browser plug-in. Adobe Systems just released a new version that fixes critical bugs in older versions, so everyone should update to the latest version. Adobe's Flash tester page displays the version of the Flash Player being used by your ...

Vulnerability in Google spreadsheets allows cookie stealing

Monday, April 14th, 2008

Security researcher Billy Rios has discovered a vulnerability in Google Spreadsheets which attackers can exploit using links to crafted tables to steal a user's cookie. According to Rios, the victim has to follow such a link in Internet Explorer. The stolen cookie can be used to access all Google services ...

ActiveX is least secure plug-in

Monday, April 14th, 2008

ActiveX controls made up most of all browser plug-in vulnerabilities in the second half of 2007, according to Symantec. The company has just released its semi-annual web security report and in it said that Microsoft's technology, primarily used to create add-ins for Internet Explorer, accounted for 79 percent of the 239 ...