A collection of articles and posts pulled from some of our favorite bloggers across the Internet.

Do you have an IT/Infosec Security blog that we can display here? Suggest a Link, otherwise Contact Us about getting blogging rights here on the Island!

Latest From the Web


From the Web

Using XSS to Launch a SQL Injection Attack

June 01, 2009 from: hackyourself.net

Several weeks ago I stumbled on a client’s e-commerce site that had (what appeared to be) a non-vulnerable SQL Injection pathway on a search form. I used the standard calls to determine if it was vulnerable, determined (or so I thought) that it wasn’t and moved on to test for XSS.

Comments  (1)


From the Web

OSI Model’s Relevance to Web App Security

June 01, 2009 from: hackyourself.net

One of the things that I constantly run into is that of security engineers trying to thwart web application attacks with network security equipment (such as IDS/IPS, AV signatures, etc). A recent example regarded a SQL Injection attack on a web server. This particular entity has a very healthy multi-vendor network security perimeter, and felt that the gear in place was sufficient to both catch...

Comments  (8)


From the Web

OWASP Releases World’s First Security Code Review Guide for Free

March 31, 2009 from: Writing Secure Software

The OWASP Foundation, March 30, 2009 – The Open Web Application Security Project (OWASP) today announced the official release of the free OWASP Security Code Review Guide v1.1. The Code Review Guide provides details on how to review code for all sorts of application vulnerabilities. Together with the OWASP Security Developer Guide and OWASP Security Testing Guide, OWASP has created a powerfu...

Comments  (1)


« First < Previous  | 14 - 15 - 16 - 17 - 18 |   Next > Last »