Phishing – so many flaws to exploit so little time



In the last week there was a well documented writeup of a cross site scripting vulnerability which had allowed a phisher to pose as a paypal login with THE LEGIT PAYPAL SSL CERTIFICATE…. Brian Krebs at the Security Fix has some details on some of the new and interesting ways phishers are trying to exploit to seperate us from our personal information.


Essentially these vulnerabilities take place on a site where a form has input that is unvalidate or not cut off to include JUST what is needed in the form. So…. a phisher could force the server to accept other data/rewrite the page in a manner of speaking. Tools such as the netcraft toolbar can help defend you against this type of phishing – but caution with email links is certainly another defence. Also, it would do well if sites were to audit their own sites for these vulnerabilities.

Related Posts

Blog Traffic Exchange Related Posts
  • Exploit for Unpatched Internet Explorer vulnerability Well.... buckle your seatbelts it's going to be a bumpy start to the week. the securityfix as well as incidents.org are reporting on exploit code that has been released that takes advantage of an unpatched Internet Explorer vulnerability. According to the Sans institute diary entry... they have tested the exploit......
  • There aren't THAT many phish in the sea, more on phighting phishing The last post, I got sidetracked into another idea as I was doing a google search. Not uncommon. OK, what I was curious about is how many phishing sites are estimated to be "in the wild" at any given moment threatening to defraud viewers? Well, my search did turn up......
  • Network Security guide for the home or small business network - Part 14 - Alternative software There are ways that risks can be avoided. Recently, there was what was called a zero-day exploit for Internet Explorer. As I write this, the exploit surfaced 3 weeks ago and tomorrow there will be a patch. The vulnerability would allow remote code execution through a vulnerability in the way......
Blog Traffic Exchange Related Websites
  • Users Tempted By Free Services Offered By Web Portals If Internet sites could choose, you wouldn't be going through the whole Web and checking out a lot of sites. Instead, you'll spend considerable time at only one site, known as an Internet portal that handles your communication, needs. Internet portals seek to provide an atmosphere of belonging within a......
  • How Crucial Are Flash Files In Site Style I am positive that if you are visiting this page, you will be interested in 99 designs. The internet has proved to be the busiest and fast rising on the net local community primary to improved competition that incredibly fierce and stiff. Certainly, competition for visitors and plenty much more......
  • 5 Simple Ways Niche Review Templates Will Make You More Money Online 1. Advertise Various Products A terrific way to make more money online your clients' needs multiple affiliate product. With Niche Review Templates, you will get 3 product recommedations with a star rating system. This provides the customer more options to locate a program that's suited to his/her taste. By......
en.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site