18 posts from January 2012

January 30, 2012

BusinessWeek is running a great article on bug hunting by companies such as Facebook, Google and more. One of the featured bug hunters is Imperva's Tal Be'ery. Here's Tal's account of finding that particular problem...Read More

January 28, 2012

According to this article: a bug by the name of Android.Counterclank has infected between 1 million and 5 million Android users as of this afternoon. This incident points out the problem of having a decentralized...Read More

January 27, 2012

This is entertaining. The gist: [Anonymous'] disguise is earning big bucks for a major media conglomerate. Warner Brothers, the Time Warner subsidiary who produced the movie, owns the rights to the Guy Fawkes mask –...Read More

January 26, 2012

Today we published our second Web Application Attack Report (WAAR). The full version is available here (no reg required). Last report we described the most common attacks against applications which included SQL injection, Local File...Read More

January 25, 2012

The EU has come out with a data protection proposal. First, the good stuff: The new EU privacy law takes a good step forward for privacy. The ability to control and even delete individual data...Read More

January 24, 2012

Yesterday we mentioned that the Polish government experienced numerous DDoS attacks. Today, it is Brazil's turn. This pastebin site shows that several Brazilian government sites were brought down: http://pastebin.com/sSi54WFf Here's an image of a downed...Read More
Bradley Manning is on trial. For some reason, we didn't find this Wired article linking Manning's document download spree with SharePoint until now. Here are the key passages: Special agent David Shaver, who works for...Read More

January 23, 2012

Our blog last week caught an early snapshot of LOIC downloads being used to DDoS various websites. Today, the download picture has changed. Year to date, there were 90,000+ downloads with a peak of 33,007...Read More

January 20, 2012

Once again, Anonymous is using the low orbit ion cannon (LOIC) to DDoS websites. This tool was developed by white hat hackers to stress test websites. Not surprisingly, the tool they are using is exactly the...Read More
PC World covered Tal Be'ery's discovery of an IE flaw. Interestingly, the article features an argument that the issue isn't a bug after all. Tal's response: Apps should definitely not trust client’s input and sending...Read More