Tag Archives: Cross-Site Scripting

January 2012 Cyber Attacks Timeline (Part 2)

Click here for part 1.

The second half of January is gone, and it is undoubtely clear that this month has been characterized by hacktivism and will be remembered for the Mega Upload shutdown. Its direct and indirect aftermaths led to an unprecedented wave of cyber attacks in terms of LOIC-Based DDoS (with a brand new self service approach we will need to get used to), defacements and more hacking initiatives against several Governments and the EU Parliament, all perpetrated under the common umbrella of the opposition to SOPA, PIPA and ACTA. These attacks overshadowed another important Cyber Event: the Middle East Cyberwar (which for the sake of clarity deserved a dedicated series of posts, here Part I and Part II) and several other major breaches (above all Dreamhost and New York State Electric & Gas and Rochester Gas & Electric).

read more

Next Generation Firewalls and Web Applications Firewall Q&A

If I ask to an average skilled information security professional what a firewall is, I am pretty sure that he will be able to answer my question and describe with great detail concepts as packet filter, application proxy and stateful inspection.

I am afraid that the situation would be completely (and dramatically) different in case I would decide to ask him what a Next Generation Firewall (abbreviated as NGF and sometime also referred as Application Firewall) is, and most of all what a Web Application Firewall (abbreviated as WAF) is and how it is different from a traditional UTM or Firewall or also from a Next Generation Girewall.

read more

Application (In)Security in the Citi

Today some more details about the Citi breach were revealed and it looks like it is not connected with the RSA breach.

The investigation is still in place, but data collected so far show the kind of attack performed is pretty much more “traditional” then a SecureID clonation: the attackers were able to bypass the perimeter security systems by logging on the site reserved for credit card customers (but no one has explained so far how) were they were able to exploit some vulnerabilities on the Home Banking Web Site.

read more

Cross-Site Scripting in svendita… All’Android Market

Per un giorno mi ero ripromesso di non parlare dei problemi di sicurezza dell’Androide ma non ce l’ho fatta… Non si sono ancora sopite del tutto le polemiche relative al modello di sicurezza dell’Android Market (io invece mi ero quasi sopito) che oggi è trapelata la notizia di una grave vulnerabilità di tipo XSS esistente, dalla sua origine, nella versione Web dell’Android Market. Prima della sua scoperta da parte di Jon Oberheide (ricercatore di sicurezza non nuovo a questo genere di scoperte), la vulnerabilità  in questione era sfruttabile inserendo codice malevolo  all’interno del campo “Description” nella finestra di pubblicazione delle applicazioni.

read more