Frame Injection Fun
by Adrian 'pagvac' Pastor on GNUCITIZEN, 6 days ago
Frame injection vulnerabilities, although some people might consider them the same as HTML injection/XSS or even a subset, really are not the same. Here is why:
- There is no need to inject special control characters such as angle brackets (unlike HTMLi/XSS).
- HTMLi/XSS filtering routines will not protect against frame injection, since the attacker only needs to insert a URL in the non-sanitized parameter.
The best way to explain what I mean is to show ...
When $700 Billion is a Low Number
by David Rice on GEEKONOMICS, 6 days, 3 hours ago
Numbers are interesting. At times, numbers almost seem to possess a physical quality about them; numbers represent something we can hold, even if we cannot actually touch it. Really big numbers, even those starting in the millions, might be difficult to fathom at first, but somehow we're able to get our heads around them, to hold them and manipulate them. Imagine having two million dollars in the bank, and a grin, even a smile, might quickly ...
More Advanced Clickjacking - UI Redress Attacks [GNUCITIZEN]
by pdp on GNUCITIZEN, 6 days, 23 hours ago
This will be a quick post just to share some POCs and more information regarding the recent Clickjacking technique, i.e. UI Redress Attack, a name suggested by Michael Zalewski. Clickjacking is an oldie but a goodie. You can track the origin of the attack back to the beginning of this decade. Clickjacking is essentially the anti-CSRF killer. It is also the killer of Flash, AJAX (because AJAX apps are sometimes easier to clickjack, look at ...
Experiences Threat Modeling At Microsoft
by sdl on The Security Development Lifecycle, 1 week ago
Adam Shostack here. Last weekend, I was at a Security Modeling Workshop, where I presented a paper on “Experiences Threat Modeling at Microsoft,” which readers of this blog might enjoy. So please, enjoy! And while I’m at it, I wanted to draw attention to some of the other presentations that I thought were very interesting, including one by Karine Peralta, “Specifying Security Aspects in UML Models,” and “Curriculum for Modelling Security: Experiences and Lessons Learned.”
SAFECode releases "Fundamental Practices for Secure Software Development" document
by michael_HOWARD on Michael Howard's Web Log, 1 week ago
Today, SAFECode released an important document entitled “Fundamental Practices for Secure Software Development,” aimed at helping software producers create more secure software. The document is unique in that it describes what SAFECode members are doing in practice to raise the security bar; it’s not a theoretical or academic document. I believe the fact that it describes what’s used in practice is what makes the document important, because it means the ideas in the document can ...
Clickjacking Details, Analysis, and Advice
by rmogull on securosis.com, 1 week, 1 day ago
Looks like the cat is out of the bag. Someone managed to figure out the details of clickjacking and released a proof of concept against Flash. With the information out in public, Jeremiah and Robert are free to discuss it. I highly recommend you read Robert’s post, and I won’t try to replicate the content. Rather, I’d like to add a little analysis. As I’ll spell out later, this is a serious browser flaw (phishers ...
Clickjacking Details
by RSnake on ha.ckers.org web application security lab, 1 week, 1 day ago
Today is the day we can finally start talking about clickjacking. This is just meant to be a quick post that you can use as a reference sheet. It is not a thorough advisory of every site/vendor/plugin that is vulnerable - there are far too many to count. Jeremiah and I got the final word today that it was fine to start talking about this due to the clickjacking PoC against Flash that was ...
Hello ClearClick, Goodbye Clickjacking!
by giorgio on hackademix.net, 1 week, 1 day ago
Finally NoScript 1.8.2.1 is out, featuring the announced new anti-clickjacking countermeasures enabled by default, independent of IFRAME and plugin content blocking settings. The most specific and ambitious is called ClearClick: whenever you click or otherwise interact, through your mouse or your keyboard, with an embedded element which is partially obstructed, transparent or otherwise disguised, NoScript prevents the interaction from completing and reveals the real thing to you “in the clear”. At that point you can evaluate if ...
Cross domain XHR - You can’t trust Origin
by Joshbw on Analytical Engine, 1 week, 1 day ago
The HTML 5 spec lays out the details for cross domain XHR. I’ve written about my dislike of the idea before (details of the access control spec can be found here; I like how they justify sending cookies via XHR because you send them with img requests. In other news, if you don’t need seatbelts on a motorcycle you don’t need them in a car, because obviously they are exactly the same scenarios), specifically why ...
the future of software testing (part 7)
by James Whittaker on JW on Test, 1 week, 1 day ago
Testers as Designers
Modern testers play largely a role of late-cycle heroics that often goes unappreciated come review and bonus time. When we find the big bug it is because we were supposed to … that’s the expectation. When we miss the big bug, people ask questions. It’s often a case of ignored-if-you-do and damned-if-you-don’t. This is going to change, and it is going to change soon, because it must. My friend Roger Sherman ...
Off the wire: NSA shows the way to develop secure systems
on Help Net Security - News, 1 week, 1 day ago
The development of highly secure, low defect software will be dramatically helped by the release of the Tokeneer research project to the open source community by the NSA. The unprecedented release of ...
Malicious camera spying using ClickJacking
by guya on GUYA.NET, 1 week, 1 day ago
Update: Adobe has fixed this issue by framebusting the Settings Manager pages. Now, 99.9% of the users are protected from this specific exploit. Congrats on the fast response.
Turn every browser into a surveillance zombie. The wet dream of every private eye and peeping tom. Imagine this scenario: you play a short game on the [...]
New Cross-Site Request Forgery Attacks
by schneier on Schneier on Security, 1 week, 2 days ago
Interesting: CSRF vulnerabilities occur when a website allows an authenticated user to perform a sensitive action but does not verify that the user herself is invoking that action. The key to understanding CSRF attacks is to recognize that websites typically don't verify that a request came from an authorized user. Instead they verify only that the request came from the browser of an authorized user. Because browsers run code sent by multiple sites, there is ...
Clickjacking and Flash
by pdp on GNUCITIZEN, 1 week, 2 days ago
I heard of clickjacking a couple of weeks back when the media blast started. At that time I had a very vague idea what it was, and just recently I saw some POCs coming out to show how it works in practice. Clickjacking, if I may categorize it, falls into the category of GUI attacks. I associate the clickjacking attack with the focus stealing attack, which allows attackers to steal any file from the disk ...
Code Crawler – The very team support part
by nTze on Alessio Marziali, 1 week, 3 days ago
In the new upcoming release of Code Crawler a new bunch of features will be released. The Team Management section of the tool started working last night, and I’m really confident I will be able to include new features within the next week. In Code Crawler, units of code are represented and individually marked as “functionalities”. As you can see in the screenshot below, each functionality has its own folder and IO structure. The “Emails” functionality relies ...
Attacks Upon Integrity
by Richard Bejtlich on TaoSecurity, 1 week, 4 days ago
Earlier this year I wrote First They Came for Bandwidth, where I described the motivation behind different sorts of attacks in a historical context:
First they came for bandwidth... These are attacks on availability, executed via denial of service attacks starting in the mid 1990s and monetized later via extortion.
Next they came for secrets... These are attacks on confidentiality, executed via disclosure of sensitive data starting in the late 1990s and monetized as personally identifiable ...
Attacking Password Resets w/ Social Networks
by Nathan on Neohaxor.org, 1 week, 5 days ago
Password Reset: Your passport to a fuxored account. Password Reset Methods Vulnerable? Really? Get out of here, you mean that many password reset methods are vulnerable to attack? You have to be kidding. The fact that people think vulnerable password reset is newsworthy has got to be crazy. This is something that many of us have been talking about for years. Now Sarah Palin’s email gets attacked and it is a big deal. It amazes me ...
G’Day OWASP!
by Tim on owasp - Google Blog Search, 1 week, 6 days ago
Volunteers: OWASP needs volunteers. It needs PHP experts to work on the PHP ESAPI. It needs technical editors to work on the OWASP Guide for developers. Testers, writers, and wikipedians. It needs volunteers to organize the HoneyComb ...
Security 101
by Justin Somaini on Security Wooby, 3 weeks, 4 days ago
In talking to customers over the past 5-6 years, I’ve always been amazed at their accomplishments and their inability to grasp some of the fundamental problems. With all of the advances in technology, it’s my opinion that what we do in Information Security is approximately 80% fundamentals, and the rest is advancement of certain things. I wanted to take some time out and talk about this, as most of the people I talk to seem that ...
Encapsulating CSRF attacks inside massively distributed Flash movies - Real world example
by guya on GUYA.NET, 1 month ago
Update: Added a sterilized demo and the source code. CSRF (Cross Site Request Forgery) is considered one of the most widely spread exploits in websites today. I’ve written before about how a legitimate Flash file (swf) can be extremely viral. A few days ago I did a real attack, exploiting a CSRF flaw and elaborated it using [...]