Two people I know both released a whitepaper this week and I want to mention them here.
- The Extended HTML Form Attack Revisited from Sandro at Enablesecurity.
Back in 2002 I had published details of a vulnerability affecting most web browsers. It detailed a security flaw that allows attackers to abuse non-HTTP protocols to launch Cross Site Scripting attacks even when a target web application was not vulnerable to XSS.
Six years later I’m releasing an update to this research. - DEFEATING THE NETWORK SECURITY INFRASTRUCTURE from Philippe at Radarhack.com
This presentation, DEFEATING THE NETWORK SECURITY INFRASTRUCTURE v1.0.pdf, was made after some brainstorming with some friends. The techniques used are not new and the tools readily available for download. The purpose of the discussion is to debate how internal enterprise resources might be (in)adversely exposed to the internet by in an insider using common techniques as SSH and SSL.Both gave me some new insights in tools or techniques and are worth reading. Thnx guys.
Security4all Blog
Twitter
Slideshare
Facebook
Digg
Flickr
0 comments:
Post a Comment