Tag: xss

Our wholly insecure web 
By Juha Saarinen | Jun 17, 2014 | Comment Now 
[Blog post] Time to re-engineer for security.
XSS behind a decade of bank hacks 
By Danielle Walker | Nov 15, 2013 | Comment Now 
Penetration testing research.
Yahoo! dumps t-shirt bug bounty for $15,000 cheques 
By Darren Pauli | Oct 3, 2013 | Comment Now 
Security engineer bought tees with own cash
NASDAQ slow to plug site vulns, pen tester says 
By Danielle Walker | Sep 18, 2013 | Comment Now 
Swiss pen testers report flaw.
$5k bug bounty paid for Google.com XSS 
By SC Australia Staff | Jul 31, 2013 | Comment Now 
Google Finance glitch.
'Shoddy' software leaves major holes in NSA site 
By Dan Raywood | Jul 2, 2013 | Comment Now 
Attackers could impersonate web traffic.
OWASP Top 10 released for 2013 
By Dan Kaplan | Jun 13, 2013 | Comment Now 
Injection, broken authentication/session management and cross-site scripting make up the top three spots.
Google ups bug bounty rewards 
By Marcos Colon | Jun 12, 2013 | Comment Now 
Gmail bugs worth $5000.
Twitter, Microsoft, LinkedIn, Yahoo open to hijacking 
By Darren Pauli | Mar 22, 2013 | Comment Now 
Cookie cockup permits account takeover.
Kim Dotcom's Mega details first wave of security bugs 
By Darren Pauli | Feb 12, 2013 | Comment Now 
Netted through bug bounty program.
Spammers stole Yahoo Xtra contact lists: exec 
Mega security bugs detailed 
By Darren Pauli | Feb 11, 2013 | Comment Now 
Serious bugs found.
PayPal's security works 
By Karen Epper Hoffman | Feb 5, 2013 | Comment Now 
PayPal's Andy Steingruebl knows security is not an insular task. By looking outside of its own walls, the company has taken the fight to the enemy, and helped everyone else in ...
XSS attacks boomed 
By SC Staff | Jan 31, 2013 | Comment Now 
Cross-site scripting (XSS) and SQL injection attacks remain the most prominent cyber attack method.
Hacker nabs Yahoo! site backups 
By Darren Pauli | Dec 17, 2012 | Comment Now 
Finds website flaws.
Researcher gains admin access to Kaseya, ManageEngine 
Researcher owns blue chip managed service platforms 
By Darren Pauli | Nov 18, 2012 | Comment Now 
Zero day dropped at #Kiwicon.
Microsoft fixes twin XSS, issues new cert requirement 
By Danielle Walker | Sep 13, 2012 | Comment Now 
Vulnerabilities aren't high-risk.
Website holes fall but xss still dominates 
By SC Staff | Jul 3, 2012 | Comment Now 
Five per cent of web sites vulnerable to XSS.
Menshn dismiss claims of major security flaws 
By Dan Raywood | Jun 26, 2012 | Comment Now 
Owner says don't publish 'spurious claims'.
Sign up to receive iTnews email bulletins
Latest Comments
Which is the most prevalent cyber attack method your organisation faces?

   |   View results
Phishing and social engineering
Advanced persistent threats
Unpatched or unsupported software vulnerabilities
Denial of service attacks
Insider threats