Category Archives: Web Security
Honeywell WebSite Open to XSS and More
Shadab Siddiqui a security researcher have just revealed several critical vulnerability at honeywell.com , redhat.com, pinterest.com, alshaya.com websites, cross site scripting vulnerability allows attacker to inject an iframe in the website to run a malicious script on visitors computers. Also
How to Improve Your Organization’s Web Security
One of the most dangerous and common threats to a company’s web security is unrestricted Internet access. In a well-intentioned but ill-advised attempt to show users they are trusted, or from the false assumption that restricting or monitoring Internet access
Google services for Handling and Cleaning Infected Websites
Usually if we say Google than many people would directly link this word to search engines or Gmail, but Today Google have many interesting services that concern any person who are using internet, here you can find a short video
Naxsi Web Application Firewall module for Nginx
Nginx is getting more and more used by popular website, if we look at netcraft 9.63% of internet are today using nginx based webserver, this including huge websites such as Rambler, wordpress.com ,Sourceforge.net and vkontakte.ru. These website needs a big
GFI Webmonitor Gateway with Multi-layered Security
System administrator’s main focus is protecting corporate information resources, one of major source of threats is Internet and we need to be very careful in dealing with unreliable access to Web resources, if we talk about security professionals than we
Using mod_rewrite to harden Apache
Most installations of Apache should come with the mod_rewrite module already configured and active. For those of you that are hosting the web server on a shared hosting environment (ie: you’ve bought a generic web hosting package), then you are
Graphing Suspicious URL Relationships
10,000 websites have been compromised to redirect users to a new exploit toolkit called Nice Pack, discovered Wednesday, attempts to take advantage of flaws in users’ third-party apps, such as Java and Adobe, to install the “Zero Access Trojan,”. Malicious
