AppSec Blog: Author - Ryan Barnett

Weekly Roundup of Web Hacking Incidents

The following web hacking incidents were added to WHID in the past week: WHID 2010-216: DDoS: Myanmar attacks larger than those against Estonia and Georgia - http://bit.ly/cZBLWG WHID 2010-215: Hacker Claims Full Compromise of Royal Navy Website - http://bit.ly/dg9v6q WHID 2010-214: Attack cause Intuit Web-hosting service outage? - http://bit.ly/dn8yed WHID 2010-213: Cops: Hacker Posted Stolen … Continue reading Weekly Roundup of Web Hacking Incidents


Weekly Roundup of @Risk Web Application Vulnerabilities

Volume: IX, Issue: 45 November 4, 2010 Summary of the vulnerabilities reported this week: Web Application - Cross Site Scripting 10.45.27 - Zomplog Cross-Site Scripting and HTML Injections 10.45.28 - Drupal Watcher Module Cross-Site Scripting Issue Web Application 10.45.29 - BlogBird Multiple HTML Injection Issues 10.45.30 - XAMPP Cross-Site Scripting and Information Disclosure Issue 10.45.31 … Continue reading Weekly Roundup of @Risk Web Application Vulnerabilities


Weekly Roundup of Web Hacking Incidents

The following web hacking incidents were added to WHID in the past week: WHID 2010-211: New DDoS Trojan Attacks Sites That Criticize Vietnamese Communist Party - http://bit.ly/cBlZH9 WHID 2010-210: RIAA and LimeWire - Both Are Offline - http://bit.ly/dzzCtR WHID 2010-209: Hacker may have accessed DHH database - http://bit.ly/9JGnnR WHID 2010-208: BoingBoing hacked and defaced - … Continue reading Weekly Roundup of Web Hacking Incidents


Weekly Roundup of @Risk Web Application Vulnerabilities

****************************************************************** @RISK: The Consensus Security Vulnerability Alert October 28th, 2010 Vol. 9. Week 44 ****************************************************************** Web Application - Cross Site Scripting 10.44.25 - sNews "snews.php" Cross-Site Scripting and HTML Injection Vulnerabilities 10.44.26 - IBM Tivoli Access Manager for e-business … Continue reading Weekly Roundup of @Risk Web Application Vulnerabilities


Weekly Roundup of Web Hacking Incidents

The Web Hacking Incident Database, or WHID for short, is aWeb Application Security Consortium project dedicated to maintaining a list of web applications related security incidents. WHID's goal is to serve as a tool for raising awareness of the web application security problem and provide information for statistical analysis of web applications security incidents. The … Continue reading Weekly Roundup of Web Hacking Incidents