Mobile Version
Subscribe
Contact Us
About Us
Advertising
Editorial
SC UK
SC Aus/NZ
Home
News
Features
Opinions
Newsletters
Products
Sectors
Company Moves
News Bytes
Products
Group Tests
First Looks
Products
About Reviews
Blogs
The News Team Blog
The Data Breach Blog
The SC Magazine Awards Blog
Buyers Guide
Whitepapers
Jobs
Events
SC Magazine Awards
SC World Congress
SCWC 24/7
Editorial Webcasts
Vendor Webcasts
Podcasts
Subscribe
Newsletters
Subscribe to SC
Archive
SC World Congress
Archive
Topic Center:
Financial Services
Health Care
Retail
Government
Compliance
20th Anniversary
SC Awards
RSA Conference
RSS
|
Login
|
Register
Cross-Site Scripting
Google patches XSS hole in its Buzz social media platform
Angela Moscaritolo
February 17, 2010
Google on Tuesday fixed a cross-site scripting (XSS) vulnerability in the "Google Buzz for mobile" website that could have allowed an attacker to hijack user's accounts.
Researcher demonstrates Pentagon XSS vulnerability
Dan Kaplan
December 08, 2009
A cross-site scripting vulnerability affecting the Pentagon website is not a major security threat -- but it could turn into one, said a researcher who examined the bug.
Researcher finds "frighteningly bad" Adobe Flash flaw
Greg Masters
November 13, 2009
A new point of entry has been discovered in Adobe Flash that allows attackers to infect any website which permits visitors to upload content, a researcher claims.
Study finds 64 percent of websites contain serious flaws
Greg Masters
November 12, 2009
Web application vulnerabilities remains the primary avenue of attack for cybercriminals, according to a new report.
Reddit succumbs then cleans up from XSS attack
Dan Kaplan
September 28, 2009
Reddit is the latest Web 2.0 site to be slowed by a cross-site scripting attack.
Twitter XSS vulnerability not yet fixed
Angela Moscaritolo
August 26, 2009
Because of the bug, an attacker could potentially capture account credentials, redirect a user to any site, alter a user's tweets or followers, or send messages from a compromised account.
Adobe ColdFusion, JRun updated for critical issues
Angela Moscaritolo
August 17, 2009
Vulnerabilities that affect Adobe's ColdFusion 8.0.1 (and earlier versions) and JRun 4.0 could result in user accounts or an affected system being compromised.
Latest News
Security firm finds bug in Microsoft virtual program
Gartner: Virtualization security will take time
Ransomware not considered threat for Mac OS X
Web fraud losses more than double in 2009, says report
Naked endpoints on your net, and what to do about them
Apple issues Safari 4.0.5 to fix 16 vulnerabilities
LifeLock settles with FTC over ID theft product claims
Troyak shutdown signals short-lived win against Zeus
Pennsylvania CISO out of a job following RSA Conference appearance
Twitter to vet links with goal of curbing phishing attacks
Most Popular
Most Emailed
Most Recent
Pennsylvania CISO out of a job following RSA Conference appearance
LifeLock settles with FTC over ID theft product claims
Apple issues Safari 4.0.5 to fix 16 vulnerabilities
India, Mexico, Brazil have most Mariposa bots
Twitter to vet links with goal of curbing phishing attacks
Troyak shutdown signals short-lived win against Zeus
Let's get back to reality
Web fraud losses more than double in 2009, says report
Ransomware not considered threat for Mac OS X
Gartner: Virtualization security will take time
LifeLock settles with FTC over ID theft product claims
Military ban against USB drives partially lifted
Pennsylvania CISO out of a job following RSA Conference appearance
Newly discovered Zeus spinoff botnet has wide impact
Microsoft offers two fixes, but reveals a zero-day bug
FTC notifies 100 organizations about P2P leaks
CSO of the Year
The enterprise information protection paradigm
Rootkit to blame for Windows fix resulting in blue screen
RSA Conference: White House declassifies U.S. cybersecurity initiative details
Security firm finds bug in Microsoft virtual program
Gartner: Virtualization security will take time
Ransomware not considered threat for Mac OS X
Web fraud losses more than double in 2009, says report
Naked endpoints on your net, and what to do about them
Apple issues Safari 4.0.5 to fix 16 vulnerabilities
LifeLock settles with FTC over ID theft product claims
Troyak shutdown signals short-lived win against Zeus
Pennsylvania CISO out of a job following RSA Conference appearance
Twitter to vet links with goal of curbing phishing attacks
Popular Topics
Analyst Reports & Industry Surveys
Apple Threats
Botnets
Breach Remediation
Breaches & Exposures
Browser Flaws
Cybercrime
Data Breaches
Data Leakage Prevention
Database Security
Endpoint Protection
Government
Hackers
Hacking
Identity Theft
Lawbreakers & Cybercrime
Malware
Patch Management
Patch Tuesday
Phishing
Retail
RSA Conference 2010
Virtualization
Vulnerabilities & Flaws
Vulnerability Management
Sponsored Links