Web Hacking
DNS poisoning patch and the big leak!
Earlier in the month (July 2008), it was reported that vendors had released a fix for a then undisclosed problem with DNS. Even now the big ISP players are still dragging feet in terms of this critical patch. They really should hurry up because an attack code has magically appeared on the multi-purpose testing tool, [...]
Browser Diligency
A recent study has shown that 83.3% of firefox users are running the latest version, whilst only 47.6% of IE users are running the latest patched version. The report suggested that legacy entrprise applications maybe to blame. Some legacy software don’t allow software updates. But I’d throw in that firefox can download and install the [...]
Faulty Browsers
Are today’s browsers inherently bad? Security experts will tell you so. This doesn’t even start considering bugs that may well be found in certain browsers, such as Firefox 3
SQL-Injection: Microsoft and HP help out?
SQL-Injection: Microsoft and HP help out?
Both Microsoft and HP have released a free set of tools that will check web applications for any weaknesses that revolve poor parameter filtering that would lead to SQL injection or XSS. HP have released Scrawlr, which based around the commercial product, WebInspect Wait a second, didn’t Spidynamics create WebInspect? [...]
Never trust a stranger…
No it’s not about stalking, this time. But trust relationships are firmly on my mind and I ain’t talking about my private life neither!
As you may know there’s lots of trust relationships in computing. Those of you who love Microsoft would know about trust relationships from back in the day. And to me, they are [...]
