Showing 9 results for: May 2011 ×

Announcing Release of OWASP ModSecurity Core Rule Set v2.2.0

-------------------------- The ModSecurity Development Team is pleased to announce the release of the OWASP ModSecurity Core Rule Set v.2.20. There are many significant improvements as listed below from the CHANGES file. -------------------------- Version 2.2.0 - 05/26/2011 -------------------------- Improvements: - Changed...

Announcing Release of ModSecurity v2.6.0

The ModSecurity Development Team is pleased to announce the availability of ModSecurity 2.6.0 Release. This is the first release from the 2.6 branch which improves on the functionality of ModSecurity and introduces some new features. Some highlights: Google Safe-Browsing API...

National Cyber Safety Awareness Day is May 17th

We're taking a short break from our normal technical posts to write about "National Cyber Safety Awareness Day". This day is more about the prevention of "cyber bullying", but people have been asking questions about general online safety/security as well....

Latest Web Hacking Incident Database (WHID) Entries

These are the lastest entries added by SpiderLabs to the Web Application Security Consortium (WASC) Web Hacking Incident Database (WHID) Project. WHID 2011-106: Final Fantasy maker Square Enix hacked Entry Title: WHID 2011-106: Final Fantasy maker Square Enix hacked WHID...

Analyzing Malware Hollow Processes

The Malware Analyst's Cookbook is a great book. In it the authors talked about an interesting technique they called 'process hollowing'. When I read about it, I was intrigued and played around a bit with the examples from the book....

Unicode Visual Spoofing for Good: Confusable CAPTCHAs

In this blog post, I will show a proof of concept method of leveraging Unicode Visual Spoofing/Lookalikes for use in a CAPTCHA to help prevent automated bots from scraping pages and autosubmitting data. Unicode Visual Spoofing/Lookalikes An in-depth discussion of...

Latest Web Hacking Incident Database (WHID) Entries

These are the lastest entries added by SpiderLabs to the Web Application Security Consortium (WASC) Web Hacking Incident Database (WHID) Project. WHID 2011-99: FTC settles data breach charges against Lookout Services Entry Title: WHID 2011-99: FTC settles data breach charges...

Latest Web Hacking Incident Database (WHID) Entries

These are the lastest entries added by SpiderLabs to the Web Application Security Consortium (WASC) Web Hacking Incident Database (WHID) Project. WHID 2011-89: China Implicated In Hacking Of SMB Online Bank Accounts Entry Title: WHID 2011-89: China Implicated In Hacking...