Jeremiah Grossman

CEO of Bit Discovery, Professional Hacker, Black Belt in Brazilian Jiu-Jitsu, Off-Road Race Car Driver, Founder of WhiteHat Security, and Maui resident.

Friday, April 16, 2010

Best of Application Security (Friday, Apr. 16)

Ten of Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order.

Apache Foundation Hit by Targeted XSS Attack + Internal investigation + Associated Atlassian breach
CSRF Isn’t A Big Deal - Duh!
Network Solutions Hack: Secure File Permissions Matter + Sucuri Analysis
OWASP RFP Criteria Project
IE 8 Security Features Could Be Turned Against Users + Slides & PoC
Next-Generation Clickjacking Attacks Revealed + Tool
Brokerage Firm Fined $375,000 for Unsecured Data
Researcher Uncovers (Another) Major Facebook Security Exploit
New Full Disclosure, Website Vulnerabilities Database
Chrome Phishing
5 Reasons HTTPOnly won't save you

Posted by Jeremiah Grossman at 3:00 PM No comments:

Friday, April 09, 2010

Best of Application Security (Friday, Apr. 9)

Ten of Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order.=

Microsoft SDL version 5
Force.com Secure Cloud Development
Stroke triggered XSS and StrokeJacking
German Government Pays Hacker For Stolen Bank Account Data
CAPEC-333: WASC Threat Classification 2.0
WAF Confusion Continues
Serious New Java Flaw Affects All Current Versions of Windows + Advisory
Safari Integer Overflow Aids Inter Protocol Exploitation
OWASP AIR + Flash Security Projects
Prion 1.1 - Polymorphic XSS Worm

Posted by Jeremiah Grossman at 2:00 PM No comments:

Friday, April 02, 2010

Best of Application Security (Friday, Apr. 2)

Ten of Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order.

Mozilla: Plugging the CSS History Leak
$43m slot machine win a 'mistake' says Colorado casino
OWASP Podcast: Ed Bellis (eCommerce) #63 and Andy Ellis (Availability) #64
Web application scanning with skipfish
Should the Government Stop Outsourcing Code Development?
Journalists in China say Yahoo accounts hacked
WASC Web Hacking Incident Database Project Update
I’m in ur 4sq, snarfin ur password — Part II
How Facebook is Adding an Identity Layer to the Internet
Firefox 3.6 FileAPI Exif Injection

Posted by Jeremiah Grossman at 1:00 PM No comments:

Newer Posts Older Posts Home

Subscribe to: Posts (Atom)

About Me

Jeremiah Grossman: Jeremiah Grossman's career spans nearly 20 years and has lived a literal lifetime in computer security to become one of the industry's biggest names. He has received a number of industry awards, been publicly thanked by Microsoft, Mozilla, Google, Facebook, and many others for his security research. Jeremiah has written hundreds of articles and white papers. As an industry veteran, he has been featured in hundreds of media outlets around the world. Jeremiah has been a guest speaker on six continents at hundreds of events including many top universities. All of this was after Jeremiah served as an information security officer at Yahoo!

View my complete profile

Links

Jeremiah's Main Website
Twitter Profile
Facebook Profile
LinkedIn Profile

Total Pageviews

Profile

TEDxMaui

Brazilian Jiu-Jitsu

BobbleJer

My 1964 Lincoln Continental

Subscribe

Posts

Posts

All Comments

All Comments

Blog Archive

► 2018 (3)
- ► May (1)
- ► March (2)

► 2017 (3)
- ► April (1)
- ► February (2)

► 2016 (7)
- ► October (1)
- ► June (1)
- ► May (4)
- ► March (1)

► 2013 (1)
- ► January (1)

► 2012 (2)
- ► April (1)
- ► January (1)

► 2011 (18)
- ► December (1)
- ► June (1)
- ► May (1)
- ► March (3)
- ► February (5)
- ► January (7)

▼ 2010 (62)
- ► December (9)
- ► November (2)
- ► October (1)
- ► September (3)
- ► August (2)
- ► July (5)
- ► June (5)
- ► May (3)
- ▼ April (3)
- ► March (6)
- ► February (12)
- ► January (11)

► 2009 (75)
- ► December (7)
- ► November (5)
- ► October (8)
- ► September (5)
- ► August (11)
- ► July (6)
- ► June (4)
- ► May (5)
- ► April (4)
- ► March (4)
- ► February (5)
- ► January (11)

► 2008 (117)
- ► December (6)
- ► November (2)
- ► October (2)
- ► September (8)
- ► August (8)
- ► July (10)
- ► June (16)
- ► May (16)
- ► April (19)
- ► March (11)
- ► February (4)
- ► January (15)

► 2007 (195)
- ► December (5)
- ► November (19)
- ► October (11)
- ► September (10)
- ► August (13)
- ► July (22)
- ► June (17)
- ► May (25)
- ► April (18)
- ► March (21)
- ► February (12)
- ► January (22)

► 2006 (123)
- ► December (11)
- ► November (21)
- ► October (20)
- ► September (29)
- ► August (16)
- ► July (15)
- ► June (3)
- ► January (8)

► 2005 (99)
- ► November (2)
- ► October (3)
- ► September (5)
- ► August (9)
- ► July (14)
- ► June (15)
- ► May (13)
- ► April (9)
- ► March (11)
- ► February (7)
- ► January (11)

► 2004 (14)
- ► December (7)
- ► November (6)
- ► June (1)

► 2001 (2)
- ► November (1)
- ► March (1)

Picture Window theme. Powered by Blogger.