Scary Beasts Security
JANUARY 9, 2010
[Or "Logout CSRF" for search indexes; I seem to be addicted to the less common acronym ;-)] Significant? No, of course not. It is a technical integrity violation inflicted upon good.com by evil.com. That's not ideal, and could be an annoyance. But there are some other interesting technicalities that can make it futile to defend against. They include: Cookie forcing.
Elie
AUGUST 11, 2010
Internet Explorer privacy is flawed. This blog post shows how to abuse SMB query to force Internet explorer to disclose windows username, domain and version even while in private mode or using an HTTP proxy. Proof of concept included.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
CompTIA on Cybersecurity
FEBRUARY 9, 2010
It is hard to believe that a full decade has gone by from a time when fear, angst, and anxiety across many aspects of the channel was focused on the “what ifs” of Y2K. You would be hard pressed to pick up any publication and not see something about the Y2K situation. Here it is ten years later and, yes we survived Y2K, but there is a similar media storm these days about security as more vendors, channel partners, and end-users turn to the “cloud” for everything from storage/back up to financial.
Privacy and Cybersecurity Law
JULY 31, 2010
Laura Gavioli has published an article in the June-July issue of the Journal of Tax Practice & Procedure. The piece addresses […].
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Scary Beasts Security
SEPTEMBER 29, 2010
A few weeks back, I published a demo that uses a serious Internet Explorer cross-origin violation to permit a malicious web page to force the visitor to make unwarranted tweets: [link] The post was light on technical details of how the attack works, so they will be filled in below. In addition, I'll quickly take care of the FAQ: Q) Does this attack affect earlier versions of Internet Explorer, such as IE6?
Scary Beasts Security
AUGUST 4, 2010
Now that this paper is officially public, the full story of CSS-based cross-origin theft can come out. (As an aside I'd like to note that I contributed little other than review to the paper so credit must go to the other named individuals). For background reading, see my Dec 2009 original post and an update that notes Firefox fixing the issue. In the original post, I state two mitigating factors that prevent the attack being very serious: the fact that quotes and particularly newlines stop the a
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Scary Beasts Security
OCTOBER 21, 2010
I find this bug interesting, because at first it looks like a relatively minor cross-origin leak. But with a bit of investigation, it has major consequence. The bug is specific to Internet Explorer, and still seems unfixed (in stable versions) at the time of writing. I told Microsoft about it back in 2008. Therefore this disclosure is not an 0-day , but more like a 600-day.
Scary Beasts Security
JULY 22, 2010
Firefox just released version 3.6.7 of their excellent browser, and it fixes this: [link] This leaves 4 of the 5 major browsers with fixes (more on this in an upcoming post), which is my threshold for documenting a little tweak to exploitability. It is partially inspired by Gareth Heyes' attack on E4X using character set overrides. For interesting background reading, see: [link] Turns out, the same character set override applies to loading cross-origin CSS via the tag.
Scary Beasts Security
JULY 20, 2010
Today I had the pleasure to post: [link] It is co-signed by some of my awesome fellow engineers who personally believe in what is written. Recent discussions and debates have shown that "responsible disclosure" is broken. It is badly named and ill-defined. Possibly the worst problem with responsible disclosure is that is permits known critical vulnerabilities to go unfixed for months or even years.
Scary Beasts Security
JUNE 25, 2010
Open redirectors are a contentious issue. Old-school hackers think anyone who thinks they are serious is on drugs. New-school hackers are more evenly divided. I haven't yet seen a public, balanced list of reasons why you should be worrying about other problems. Here it is. For now, I'll concentrate on the central idea that open redirectors permit domain obfuscation and therefore facilitate phishing etc.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Scary Beasts Security
MARCH 18, 2010
Ok, so I was bored and I added very very basic HTTP support to vsftpd. vsftpd is now perhaps the only FTP server to have an option ftp_enable=NO. Basically none of the HTTP protocol is implemented, but it might suffice for someone who is super-paranoid and needs to serve some static files over the HTTP protocol. The selling point is the re-use of vsftpd's tried-and-tested listener, string handling and built-in sandboxing.
Scary Beasts Security
JANUARY 28, 2010
I don't usually post non-original content here, but in this case I'll make an exception :) Here's one of the things I've been working on over in Chromium land: [link] Will you be the first $1337 ?
Scary Beasts Security
JULY 20, 2010
We've seen who is $1337 but who is $3133.7 ? I just launched this: [link] I've really enjoyed launching and now refreshing this program.
CompTIA on Cybersecurity
JANUARY 23, 2010
Articulating the Value of Security.It’s an uphill battle to convince the decision-makers in any business that they need to invest in security. Why? Because deep down, all professional businesspeople think security is an annoying layer of cost and inconvenience.If you walk in and tell them, “We need more security,” they hear, “We need a more annoying layer of cost and inconvenience.”Getting the buy-in for security products and services today means understanding what drives your company’s securi.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Expert insights. Personalized for you.
57 
Let's personalize your content