Vulnerabilities, and every security related post will be listed here, as well as my suggestions and ways to achieve a secure environment.
Cross-site Scripting (XSS) flaws occur whenever an application takes untrusted data and sends it to a web browser without proper validation or escaping. XSS allows attackers to execute scripts in the victim’s browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites. Continue Reading →
Lately everyone in the last weeks have heard of OpenSSL and its vulnerability called Heartbeat. The video below describes clearly the actual vulnerability but not the reason we should care, so here are some questions i had and the answers i found. Continue Reading →