Blog Options
Following the Wh1t3 Rabbit - Practical Enterprise Security

Enterprise Security organizations often find themselves caught between the ever-changing needs of the agile business, and the ever-present, ever-evolving threats to that business. At the same time – all too often we security professionals get caught up in “shiny object syndrome” which leads us to spend poorly, allocate resources unwisely, and generally de-couple from the organization we’re chartered to defend. Knowing how to defend begins with knowing what you’ll be defending, why it is worth defending, and who you’ll be defending from… and therein lies the trick. This blog takes the issue of enterprise security head-on, challenging outdated thinking and bringing a pragmatic, business-aligned, beyond the tools perspective … so follow the Wh1t3 Rabbit and remember that tools alone don’t solve problems, strategic thinkers are the key.

Rafal (Principal, Strategic Security Services)

Cross-Site Scripting - In the Wild, Exploiting Your Droid

Wh1t3Rabbit| March 9, 2011
Post a Comment

This may be slightly old news but worth mentioning in case you've mised it.  Jon Oberheide has a brilliant write-up of a post on his blog where he talks about an issue with the Google Android Market (which has since been patched) which allowed for persistent Cross-Site Scripting.

 

Persistent Cross-Site Scripting ... isn't that something that we should have a pretty good hangle on by now?  Apparently not.

Read Blog Article
Labels: Vulnerability| web applications
Labels:
Search
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
About the Author(s)


HP Blog

HP Software Solutions Blog

Community Announcements
50 Must Read IT Blogs

Follow Us
Labels