Month: September 2012

Passwords of 100k IEEE members lie bare on FTP server IEEE uses Akamai for content delivery. A FTP directory server was discovered which contained log […]

2012 HouSecCon, 10/11/2012 (in Houston) HouSecCon is coming up – October 11th in Houston. The agenda is shaping up with a bunch of hot topics […]

Surviving SQL Injection (link to free SQL Injection tool) SQLInjection continues to be in the news each week. Despite the fact that it the most […]

A Number of Exploits Including SQL Injection, XSS, and Authentication Bypass This week, researchers found some remarkable vulnerabilities including Remote code execution, SQL Injection, and […]

XSS: Gaining Access to HttpOnly Cookie Using the method getHeaderField in the Java HTTP API, any applet can access cookies with the HttpOnly flag set. […]