HTML Injection is a vulnerability which occurs in web applications that allows users to insert html code via a specific parameter for example or an entry point.
Browsing: Malware and Vulnerabilities
The third annual Web Application Vulnerability Report from Context Information Security shows that despite increased awareness and understanding of web application security, the level of vulnerabilities in web apps remains largely unchanged.
We are always spoilt in April with not only Infosec, but 44Cafe and BSides London too – and this year was another corker.
In the wake of the recent NSA / Prism debacle, there has been a large push for secure, encrypted communications for the average user.
In the realm of IT security, when organisations have their very business on the line, the instinct for most companies is to simply throw money and technology at the problem, upgrading technical systems at every opportunity to keep pace with emerging threats.
The maintainers of Ruby have fixed a serious flaw in its SSL client that could have allowed an attacker to conduct man-in-the-middle attacks by spoofing an SSL server.
As cybercrime expands and evolves, a new study categorizes and describes the top five threats: data breaches, malware, DDoS, mobile threats and the industrialization of fraud – and they’re all interrelated.
A mobile developer has discovered what he claims is a security vulnerability in the Facebook Graph Search that allowed him to automate the compilation of a list of some 2.5 million phone numbers
Google’s Safe Browsing program is now flagging 10,000 suspect websites per day, the search giant announced in a blog post. The information is used to deliver automated warnings to Chrome, Firefox and Safari users.
A security firm is warning about as serious security vulnerability in Samsung’s Galaxy S4 devices, claiming that attackers can use it to silently send text messages.