lcamtuf's blog: CSP, HTML5, and the aesthetics of security
Modern browsers are incredibly complex beasts, pushed well beyond their intended limits - and in that capacity, broken in more ways than we can imagine. We are only beginning to scratch the surface of all the design problems ahead of us - say, new and unexpected classes of UI vulnerabilities - but even within the bounds of what we understand and know how to fix, some fascinating and very human discourse patterns emerge... and will ultimately shape the future of the web.
Trustwave's Global Security Report 2011: Web Application Risks - SpiderLabs Anterior
While there is a ton of great data within the GSR 2011 report, for this blog post, I wanted to focus a bit of attention to the web application sections of the report.
Ready for Cyberwar? — Krebs on Security
Security vendor Imperva today blogged about a hacker who claims to have access to and control over several top dot-gov, dot-mil and dot-edu Web sites. I’ve seen some of the back-end evidence of his hacks, so it doesn’t seem like he’s making this up.
Random thoughts on software development, information security, life, and any kind of (un)interesting things.
Monday, January 24, 2011
Daily links for 01/22/2011
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment