Tag: Cross Site Scripting

Everyone Talks About Phishing, But No One Blames XSS

Phishing. An ancient attack by internet standards, that both the general public and developers are aware of to different extents. Phishing relies on social engineering to allow hackers to gain access to sensitive data through fraudulent call-to-actions which mimic alerts from trusted brands and sources.  

Read More ›

Application Security

Eye Of The Hacker: Analyzing Today’s Top Application Security Solutions

Rafay Baloch takes no prisoners when it comes to exposing vulnerabilities. An ethical hacker since the young age of 14, Baloch is now known within InfoSec circles as a seasoned security expert. His ever-growing list of “victims” includes leading platforms such as Android, Google, PayPal and Nokia, with the former earning him worldwide acclaim.

Read More ›

Code Injections

5 Deadly Code Injections That Can Obliterate Your Application

Cybercrime has evolved significantly over the years. While initially based mainly on social engineering and phishing, hackers today implement a wide range of techniques to exploit vulnerable applications with porous code. Code injections have arguably become the weapons of choice for hackers and are constantly being used to perform high-profile hackings worldwide.     

Read More ›

The AliExpress XSS Hacking Explained

This post was originally published on the AppSec-Labs blog.   As you may have heard it was recently advertised that AliExpress, one of the world’s largest online shopping websites, was found to have substantial security shortcomings. As one of the people who discovered the Cross-Site Scripting (XSS) vulnerability, I would like to discuss and elaborate

Read More ›

US-CERT Releases InfoSec Guidelines For 2014 Winter Olympics

The 2014 Winter Olympic Games begin on February 6 in Sochi, Russia. While always a spectacular and festive event, the technological aspect brings in numerous Information Security issues. The United States Computer Emergency Readiness Team (Department of Homeland Security) has released a formal advisory ahead of the Sochi Games.

Read More ›

Jump to Category