The Spanner Blog : Bypassing XSSAuditor
The Spanner blog posted about bypassing XSS Auditor, a tool built into Chrome and IE and enabled by default to prevent XSS attacks or just doing some weird things to your page....
HTML5 Security Realities
Brad Hill from PayPal shared some very interesting slides that he presented during W3Conf 2013, which was held in San Francisco on February 21 and 22. In the presentation you can find real...
Facebook Like Clickjacking Vulnerability
Eric Kerr pointed out in his blog a vulnerability in the Facebook Like button which basically allows an attacker to trick you into Liking something without your consent.
How the attack works:
1....
Speed up your PHP website, a consultant’s guide
Yesterday a friend was requesting a MySQL/PHP consultant to speed up his websites, and today I was reading a few comments and solutions on his Facebook: Use APC, mem_cache for PHP,...
Build a secure login with Zend Framework
Enrico Zimuel, a Zend consultant in Italy, wrote an interesting article on how to create a secure login with Zend Framework. The sample application uses Zend_Form, Zend_Auth_Adapter_DbTable, Zend_Session, Zend_Config and Zend_Db_Table. The...
Essential PHP Security and its web companion
Essential PHP Security by Chris Shiflett. Chris Shiflett has just announced the launch of PHPSecurity.org, the companion web site for his new book, Essential PHP Security. I have already announced the launch of...