This topic has come up before, but it is probably worthwhile noting that of course, any data provided by the user can be used against a web application, not just proper POST and GET data. For example, we had a couple readers point us to a recent blog post in http headers  and how many web application vulnerability scanners miss them. Another reader (Thanks Ovi!) sent us an interesting example hiding the exploit in the browser’s user agent field.Read More...
- Android p/wd managers: still growing, some outdated but effective. Try them and let them do the hard work for you March 8, 2014
- North Carolina State University: Practical Root Exploit Containment (PREC) uses DB of expected app behaviour March 7, 2014
- PHP 5.4.26 and 5.5.10 available. Several Security Fixes @ : http://www.php.net/downloads.php, (Fri, Mar 7th) March 7, 2014
- .KR #LEO arrest 2 for #hacking KT Corp telco, 12M records sold to telemarketers for cell phone sales: $10.8M in 1 yr March 7, 2014
- Blue Coat Security Labs: porn slips into second place, behind #malware laced ads as biggest mobile threat March 7, 2014
Tagsapi apple archives article browser bruce schneier business china copyright development director downloads education enterprise events facebook feeds gfi government hackers hacking infrastructure internet linkedin linux management microsoft network networks news opinion phishing podcasts science security social-media south-africa symantec team cyrmu technology united-kingdom united-states videos vulnerability windows