Ten of Application Security industry’s coolest, most interesting, important, and entertaining links from the past week — in no particular order.
- Apache Foundation Hit by Targeted XSS Attack + Internal investigation + Associated Atlassian breach
- CSRF Isn’t A Big Deal - Duh!
- Network Solutions Hack: Secure File Permissions Matter + Sucuri Analysis
- OWASP RFP Criteria Project
- IE 8 Security Features Could Be Turned Against Users + Slides & PoC
- Next-Generation Clickjacking Attacks Revealed + Tool
- Brokerage Firm Fined $375,000 for Unsecured Data
- Researcher Uncovers (Another) Major Facebook Security Exploit
- New Full Disclosure, Website Vulnerabilities Database
- Chrome Phishing
- 5 Reasons HTTPOnly won’t save you
WhiteHat Security is a leading provider of website security services
Read more here:
Best of Application Security (Friday, Apr. 16)
Ten of Application Security industry’s coolest, most interesting, important, and entertaining links from the past week — in no particular order.
- OWASP Podcast Series #61 (Richard Bejtlich)
- Frenchman Arrested After Hacking Into Obama’s Twitter Accounts + technical details
- GMail: Detecting suspicious account activity
- iPhone, IE, Firefox, Safari get stomped at hacker contest + Google’s Chrome Unscathed
- Side-Channel Leaks in Web Applications
- Penetrating Intranets through Adobe Flex Applications
- How Baidu Got Hacked by the Iranian Cyber Army + why Baidu Can’t Sue
- Sleuths Trace Digital Clues to Predict iPad Sales
- Securing your JSF pages against XSS
- Exploiting hard filtered SQL Injections
Follow this link:
Best of Application Security (Friday, Mar. 26)
Ten of Application Security industry’s coolest, most interesting, important, and entertaining links from the past week — in no particular order.
- A Lazy Pen Tester’s Guide to Testing Flash Applications
- Rock Beats Scissors, and People Beat Process
- Hacker threat forces DoH to close appraisal site
- Feds say dev’s ‘cookie-stuffer’ app fleeced eBay
- A Few Billion Lines of Code Later: Using Static Analysis to Find Bugs in the Real World
- Death of Product Reviews
- Are You Rugged?
Go here to see the original:
Best of Application Security (Friday, Feb. 12)
Ten of Application Security industry’s coolest, most interesting, important, and entertaining links from the past week — in no particular order.
- Is APT After You
Read more from the original source:
Best of Application Security (Friday, Jan. 22)
Ten of Application Security industry’s coolest, most interesting, important, and entertaining links from the past week — in no particular order.
- Top Ten Web Hacking Techniques of 2009 (Official)
- Default https access for Gmail
- new static analyzer from Google
- Purported Interview With Facebook Employee Details Use Of ‘Master Password’
- Software testing firm says no to responsible disclosure
- Web-based systems vs
View original post here:
Best of Application Security (Friday, Jan. 15)
Ten of Application Security industry’s coolest, most interesting, important, and entertaining links from the past week — in no particular order.
Go here to read the rest:
Best of Application Security (Friday, Dec. 25)
Ten of Application Security industry’s coolest, most interesting, important, and entertaining links from the past week — in no particular order. Regularly released until year end. Then the Best of Application Security 2009 will be selected!
- Why Chrome has No NoScript
- Cross-domain search timing
- A checklist approach to security code reviews
- Potent malware link infects almost 300,000 webpages
- HTML5 new XSS vectors
- Perspective on Pentagon “Pwnage”
- Cross-Site Request Forgery For POST Requests With An XML Body
- Security in Syndicated and Federated Systems
- IP Spoofing
- How fake sites trick search engines to hit the top
See more here:
Best of Application Security (Friday, Dec. 11)
Ten of Application Security industry’s coolest, most interesting, important, and entertaining links from the past week — in no particular order. Regularly released until year end. Then the Best of Application Security 2009 will be selected!
- Injection attacks, its not just SQL!
- You’ve been hacked.
See original here:
Best of Application Security (Friday, Nov. 27)
Ten of Application Security industry’s coolest, most interesting, important, and entertaining links from the past week — in no particular order.
Follow this link:
Best of Application Security (Friday, Nov. 13)