Surviving the Week 2/1/13 – Ruby on Rails – JSON Parser Vulnerability
Ruby on Rails – JSON Parser Vulnerability The JSON parser which converts JSON into YAML and in turn hands over to the YAML parser is […]
Month: February 2013
Tweet that, Twitter Hack: Potentially 250,000 users compromised
Last week, hackers gained access to Twitter’s internal systems and stole information, compromising 250,000 accounts. In a blog post, on Friday, Twitter announced that they […]
PayPal plugs SQL Injection Hole
An Indian researcher, Prakhar Prasad found a Blind SQL Injection vulnerability in the Paypal Notifications (https://www.paypal-notify.com) application as part of a bug bounty program. The bug enabled him to […]
Did Twitter set users up for future phishing attacks?
On the morning of the Twitter attack, I received this email: On one hand, I appreciate that Twitter was up front with their users, but […]
Techniques for creating secure passwords
Most people are starting to realize that they need to start using more complex passwords, but generally believe: complex password = hard to remember This […]