News (16)

Google RatProxy looks for cross-site flaws

Google released a free tool Tuesday that should help Web developers find and fix cross-site vulnerabilities. Read more »

IE8 to come with anti-malware, XSS protection

Microsoft yesterday announced new security features within the upcoming release of Internet Explorer 8 Beta 2. Read more »

Microsoft blamed for Google Docs flaw threat

Google has fixed a flaw in Google Docs that allowed an attacker to hijack sessions on any Google service — but security experts say that the real damage is being caused by Internet Explorer, not Google's technology. Read more »

Adobe Flash 9 update to destroy and save Web apps

Adobe is issuing an update to Flash Player 9 that it hopes will prevent Flash-based Web applications being used to launch attacks against consumers — but the update may also stop Flash apps working if developers don't heed Adobe's recommendations. Read more »

Security experts warn of potential malicious AIR code

On Monday, Adobe Systems rolled out its new Web 2.0 development tool, Adobe Integrated Runtime, or AIR. Following its release were some concerns from the security community. Read more »

Mozilla unleashes Firefox patch threesome

Mozilla has released Firefox version 2.0.0.10, an update which addresses three high-impact security vulnerabilities. Read more »

Web 2.woe: Simple security flaws going unfixed

Web application vulnerabilities are simple to fix -- but they're here to stay and will likely get worse, say security analysts. Read more »

Howard 'hacker' pleads innocence

The so-called "Howard hacker", who has apparently been reported to the Australian Federal Police, told ZDNet Australia that he is innocent of defacing the Liberal Web site. Read more »

Howard 'hacker' off the hook: AFP

The Australian Federal Police (AFP) has confirmed it will not be pursuing the so-called "Howard hacker" -- but it has been helping the political parties better secure their Web sites. Read more »

XSS flaw makes PM say: "I want to suck your blood"

The Web sites of Australia's two major political parties contain cross-site scripting vulnerabilities, which could be exploited to fraudulently acquire political donations, say security experts. Read more »

More Xss News Results

Features (3)

Be aware of AJAX's drawbacks

Some developers view AJAX as the silver bullet for every scenario. However, AJAX introduces its own set of hazards in various areas, which include: development time, browsing history and experience, search engine interaction, accessibility, server load, and security. Read more »

What is cross-site scripting?

Cross-site scripting, also known as "XSS," is a class of security exploit that has gotten a fair bit of attention in the last few years. This article explains what it is and where the dangers lie. Read more »

Play!
The Web needs an overhaul

Rasmus Lerdorf, the father of PHP, says that the Web is inherently broken and needs an overhaul to the entire infrastructure: browsers, servers and scripting languages. Read more »

Video (5)

Play!
Security on the Web

Rasmus Lerdorf, creator of PHP, discusses security on the Web. He explains how almost all sites are vulnerable and why the entire structure of the Web needs an overhaul. Read more »

Play!
Adobe creates 3D view of subjects

At the 6sight conference in Monterey, California, John Loiacono, senior vice president for Adobe Creative Solutions, demonstrates developing technology that constructs a 3D view of a subject from images collected on the Internet. Read more »

Play!
Zoho takes on Microsoft, Google

ZDNet editor-in-chief Dan Farber and Webware.com's editor Rafe Needleman sit down with AdventNet's CEO Sridhar Vembu to find out about Zoho's office productivity suite and how the CEO plans to compete against Microsoft and Google. Farber and Needleman then analyse the company's business model and determine Zoho's chance for success in the emerging Web 2.0 office software market. Read more »

Play!
Rusty's message to C++ programmers

Rusty Russell presents a community service announcement to all C++ programmers Read more »

Play!
The future of C

Rusty Russell discusses how multiple cores and the increasing size of computer memory will affect the future direction of C. Read more »

Blog (2)

The 2008 Trends and Threats to Internet security

Lana Kovacevic [blogs:webanatomy] -- I recently came across the IBM Internet Security Systems X-Force 2008 Mid-Year Trend Statistics report, which outlines issues affecting internet security, including application vulnerabilities, phishing, malware and spam. Read more »

XSS fun with Howard: Liberal Party says no

Staff [blogs:syslog] -- Political parties have no sense of humour. Far from being a revelation, it was merely reinforced yet again as both the major parties in this country had their sites fall victim to XSS. Read more »

Log in


Sign up | Forgot your password?

Blogs

RSS feed

  • Staff Microsoft prescribes more REST

    Details have begun to emerge about the next versions of Visual Studio and Windows Server this week -- and the message from Redmond is to REST up Read more »

    -- posted by Staff

  • Chris Duckett .NET looks to REST

    With news that REST will play a big part in the next version of the .NET Framework, it is timely to take a look at ADO.NET. Read more »

    -- posted by Chris Duckett

  • Renai LeMay Spellr.us needs a new dictionary

    One of the only Australian start-ups to present at the recent round of conferences in the US was Sydney-based spellr.us, which has launched a Web-based tool to check and monitor websites for spelling mistakes. Read more »

    -- posted by Renai LeMay

What's on?