Monday, January 21, 2008

Quick Links

Things I don’t have time to blog about, but worthy of a post, and in no particular order.

1) How did I not know about a conference in a Hawaii that invites information security speakers!?! - HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES (HICSS)

2) Mike Andrews, application security powerhouse and all around cool guy, has started blogging! Welcome to the sphere and your second job. :)

3) An XSS vulnerability in the MySpace API. Interesting example, fortunately for them its not wormable.

4) was briefly redirected to a porn website due to the third-party JavaScript of an advertiser being taken over by a pornographer. Apparently the advertisers domain lapsed and the new porn owner replaced the JS content. The same type attack that Tom Stripling warned about in his AppSec 2007 presentation.

5) The RIAA’s website wiped out by a SQL Injection attack

6) IE 7 forced update coming Feb. 12


Anonymous said...

HICSS was good! But frankly, there is not lot of talks on security, most are business/management, so you may not be that interested by that.

Jeremiah Grossman said...

Sssh! Don't tell that to the marketing dept, I might get a free trip back home. :)