Archive / Web Security

RSS feed for this section

read the latest news and articles regarding the internet security field in order to keep you up to date to this forever changing environment

Covert Manipulation.

I've been interested in communication for a long time, and I am especially interested in the use of language for persuasion. Once you know how powerful words really are, you'll start using them with care. The conscious mind behaves in … Continue reading

Secure Coding And Cocktail Parties.

I am going to be very clear about his today. In the past I posted vulnerabilities in many websites including websites from companies who say they secure web applications, or store web application vulnerabilities and even those who give out … Continue reading

The RPC Worm Victim List.

An RPC worm is currently active and running based upon NamedPipes abuse as seen in the advisory from Microsoft. It's extremely important to patch any Windows machine you have under your control, because when RPC and NamedPipes are enabled you … Continue reading

Opera Arioso Update.

I've made some updates on my Opera plugin to block and protect more attacks against Opera. Luckily there aren't that many attacks in comparison to other browsers, nonetheless I like to notice what happens on webpages I visit. The minor … Continue reading

Disable RPC.

There is some fuss about RPC on Windows platforms.[1] As usual, I recommend to disable RPC temporarily from starting up when Windows boots. RPC is nasty and yet again a severe flaw has been found that attackers can abuse to … Continue reading

New and old DDOS Tools

For sure this list is not intended to newbies that want to start a DDOS attack. This list is to inform the readers of what tools new and old the hackers use for their denial-of-service attacks. It’s interesting to see … Continue reading

Phishing With Google.

I really feel Google should know better than this. Check out this form residing on the Google domain[1]. It allows phishers to utilize the Google e-mail interface to phish Google customers in a very simple way. Let's say we set … Continue reading

PHP Globals And Unregistered Variables.

One of the biggest problems with PHP is certainly register_globals. Once GLOBALS are registered, you are in for a ton of trouble. Today I want to discuss unregistered variables that can be set through register_globals in another method of which … Continue reading