DEMO This post was due since the Bank of India hack incident, and was fueled by PDP’s Drive-by Java post, which is a very simple, yet a well thought of extension (sort of) to the Drive-by Download attack. This post is aimed to provide a clearer understanding of the Drive-by Download attack (via a demo). [...]
Read more →Update: I somehow managed to make a blunder. A part of slide no. 12 was taken from David Kierznowski’s (of GNUCitizen and Blogsecurity group) presentation for OWASP Belgium Conf. I missed out on mentioning David’s name is the credits. Apologies David. I’ve updated and re-uploaded it. Yesterday, I presented my first Webinar (Seminar on Web). [...]
Read more →I know, I know… the title sounds like a cheap promotion ad. As I mentioned in my previous entry that Giorgio has addressed our (mine and Gareth’s) request to block iframes using NoScript. I must, however, admit that I did not expect it to be this fast. NoScript 1.1.7.1 (SilverNight) is here. The changelog has [...]
Read more →Update: Aah. It’s not that there couldn’t have been any better news , but today’s News is that Ma1 has agreed to provide feature to block frames through NoScript from the next version (1.1.7). NoScripts Rocks. Oh and Yes! Ma1 Rocks too …;) I have been pretty busy since the last few weeks (and this [...]
Read more →