CGISecurity.com: Your Web Site and Application Security Resource

CGISecurity.com: Your Web Site and Application Security Resource http://www.cgisecurity.com/ CGISecurity has been providing news on Application Security, Database Security, Website Security, Vulnerability Assessment, and more since 2000. en-us Copyright 2000-2007, CGISecurity.com admin@cgisecurity.com Widescale DNS flaw discovered http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080707&ref=rss Most Corporations Lack Proper SDLC http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080706&ref=rss Jason Taylor on Security Testing http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080705&ref=rss Sony PlayStation's site SQL injected, redirecting to rogue security software http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080704&ref=rss Firefox 2.0.0.15 Addresses Multiple Security Issues http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080703&ref=rss Cloudsecurity.org Interviews Guido van Rossum: Google App Engine, Python and Security http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080702&ref=rss Microsoft outlines extensive IE8 security improvements http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080701&ref=rss Today's the day! PCI DSS section 6.6 is required http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080615&ref=rss OFF Topic: A farewell to Bill gates http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080614&ref=rss Tools: Microsoft Announces Three Tools to help prevent SQL Injection http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080613&ref=rss Ruby creators warn of serious flaws http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080612&ref=rss Securityfocus interview with Mozilla security team http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080611&ref=rss My current stance on Web Application Firewalls http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080610&ref=rss JavaScript Code Flow Manipulation, and a real world example advisory - Adobe Flex 3 Dom-Based XSS http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080609&ref=rss Paper: The Extended HTML Form attack revisited http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080608&ref=rss Firefox3 Released http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080607&ref=rss Tools: Peach 2.1 Fuzzing Framework BETA3 Released http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080606&ref=rss Payment Card Industry (PCI) Mandate Stresses Importance of Web Application Security: Recommended Becomes Required http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080605&ref=rss Microsoft Patch Tuesday: Microsoft releases four critical patches http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080604&ref=rss Elevator pitch for explaining security risks to executives http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080603&ref=rss Article: Quick tips for Web application security http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080602&ref=rss ARP Spoofing leads to hijacking of metasploit website http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080601&ref=rss Paper: Bypassing URL Authentication and Authorization with HTTP Verb Tampering http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080513&ref=rss Cool hack: Man exploits random deposit verification flows to steal $50,000 http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080512&ref=rss How NOT to handle finding vulnerabilities at your company http://www.cgisecurity.com/cgi-bin/redir.cgi?story=080511&ref=rss