-
IFRAME is a security risk???
Ok, I have just read the latest in “IFRAME Security†articles and had to write something about it. While going through my usual RSS feeds, I stumbled onto this article, which tries to summarize why “iframes are a security riskâ€. Not to pick on the specific article, but this is not the first time that…
-
Playing with obfuscators – teaching an old dog new tricks…
So our Malicious Page of the Month for September is out now. Going over the details of the document, I wanted to re-visit an old habit I had back in the days of putting code to the test – especially when the code in subject is simple, and has been signature to hell by every…
-
Widgets+Advertisements=?
Coincidence or just sheer luck, but I just happened to stumble upon this article announcing that Google has come up with a widget that serves advertisements, and quoting the source: “A variety of web technologies can be used to create the ad, including Flash and HTML to author it, and RSS, images, video, and audio…
-
Hitting the nail on the head
When we here at the MCRC are publishing our quarterly trends reports (http://www.finjan.com/Content.aspx?id=827), we are always facing the possibility that what we have been working on and predicting that would become the next issue with web security, isn’t really going to happen. Fortunately, we keep getting great feedback from the community since we started the…
-
The perils of running a security blog
This is a bit off-the-beaten-path of this blog’s usual in-depth hardcore security posts. I was going through some of the support related emails that have some relevance to the areas I’m responsible for, and found a pretty interesting correspondence between an avid blog reader (for privacy I’m not going to mention his/her name), and one…