- Why Chrome has No NoScript
- Cross-domain search timing
- A checklist approach to security code reviews
- Potent malware link infects almost 300,000 webpages
- HTML5 new XSS vectors
- Pentagon Web Site Vulnerabilities Identified and Perspective on Pentagon "Pwnage"
- Cross-Site Request Forgery For POST Requests With An XML Body
- Security in Syndicated and Federated Systems
- IP Spoofing
- How fake sites trick search engines to hit the top
Friday, December 11, 2009
Best of Application Security (Friday, Dec. 11)
Ten of Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order. Regularly released until year end. Then the Best of Application Security 2009 will be selected!