- Apache Foundation Hit by Targeted XSS Attack + Internal investigation + Associated Atlassian breach
- CSRF Isn’t A Big Deal - Duh!
- Network Solutions Hack: Secure File Permissions Matter + Sucuri Analysis
- OWASP RFP Criteria Project
- IE 8 Security Features Could Be Turned Against Users + Slides & PoC
- Next-Generation Clickjacking Attacks Revealed + Tool
- Brokerage Firm Fined $375,000 for Unsecured Data
- Researcher Uncovers (Another) Major Facebook Security Exploit
- New Full Disclosure, Website Vulnerabilities Database
- Chrome Phishing
- 5 Reasons HTTPOnly won't save you
Friday, April 16, 2010
Best of Application Security (Friday, Apr. 16)
Ten of Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order.