Tags » XSS

Is your data in Android device safe??? - Cross Site Scripting attacks on Android WebView

Many of the Android applications display web content and also interact with it. This is possible by exposing a web browser as a standalone component and embedding it in the application. 490 more words

Mobile Technologies

Google Chrome "bad link" detection bypass - found, fixed

We get some interesting correspondence here at Naked Security.

Sometimes we write about the spam we receive, whether in email or as comments.

Sometimes we get… 914 more words

Featured

Phishing gone: eBay patches to block session-jacking Magento holes

Vulnerability Lab researcher Hadji Samir says eBay has squashed three vulnerabilities in its Magento shopping platform that could permit session hijacking and man-in-the-middle attacks.

The penetration tester disclosed this month the vulnerabilities along with proof-of-concept videos showing how attackers could steal session data and phish users. 162 more words

Cyber Security

SAP HANA Database Uses Static Encryption Key By Default

Earlier this month leading ERP (Enterprise Resource Planning) vendor SAP released an updated version of their HANA database (a database that is stored in RAM (computer memory) for very fast performance (although the database is periodically written to a hard disk for the purpose of recovery checkpoints)). 437 more words

Security Advice

SAP HANA Databases Vulnerable to XSS and SQL Injections

Speaking at the Black Hat Sessions conference in Ede, Netherlands, Dmitry Chastukhin, Director of Professional Services for ERPScan, has presented a report in which he details various problems with SAP’s encryption algorithms and static keys. 367 more words

Cyber Security

SAP HANA Databases Vulnerable to XSS and SQL Injections

Speaking at the Black Hat Sessions conference in Ede, Netherlands, Dmitry Chastukhin, Director of Professional Services for ERPScan, has presented a report in which he details various problems with SAP’s encryption algorithms and static keys. 367 more words

Security News