Showing 7 results for: March 2011 ×Security Research ×

Latest Web Hacking Incident Database (WHID) Entries

These are the lastest entries added by SpiderLabs to the Web Application Security Consortium (WASC) Web Hacking Incident Database (WHID) Project. WHID 2011-57: MySQL.com hacked via... SQL injection vuln Entry Title: WHID 2011-57: MySQL.com hacked via... SQL injection vuln WHID...

Detecting Malice with ModSecurity: Open Proxy Abuse

This week's installment of Detecting Malice with ModSecurity will discuss how to detect potential open proxy abuse. HTTP Proxies excerpt section of Robert "Rsnake" Hansen's book "Detecting Malice" - HTTP Proxies HTTP proxies are specialized server applications designed to make...

ModSecurity Advanced Topic of the Week: Malware Link Detection

Planting of Malware Planting of malware links into legitimate websites in order to conduct "Drive-by-Downloads" attacks against end-users is a serious concern. Check out the WASC WHID entries for "Planting of Malware" for some real-world examples. Unfortunately for web site...

WASC WHID Semi-Annual Report for 2010: July - December

SpiderLabs just released our WASC Web Hacking Incident Database (WHID) Semiannual Report for 2010 (July - December). You can download the full report here (registration required). In this report, we analyze the WHID events from the 2nd half of the...

thicknet: Griefing Boss Hogg

Most things I do seem really awesome at the time. Like the time I was at the Italian restaurant with my wife, and I made her a heart out of spaghetti. Or that time that I jumped onto the Chicago...