News (18)

Google Chrome upgraded across the board

Google has updated the Chrome browser for most of its multiple versions on all platforms in the past few days, although most of the updates have been minor. However, high-priority security fixes have been made to the stable version of Chrome. Read more »

Kaspersky denies leaks after SQL hack

Russian antivirus vendor Kaspersky Labs' US website was hacked over the weekend exposing the company's customer database, but Kaspersky has denied data was compromised and says the vulnerability wasn't critical. Read more »

Google RatProxy looks for cross-site flaws

Google released a free tool Tuesday that should help Web developers find and fix cross-site vulnerabilities. Read more »

IE8 to come with anti-malware, XSS protection

Microsoft yesterday announced new security features within the upcoming release of Internet Explorer 8 Beta 2. Read more »

Microsoft blamed for Google Docs flaw threat

Google has fixed a flaw in Google Docs that allowed an attacker to hijack sessions on any Google service — but security experts say that the real damage is being caused by Internet Explorer, not Google's technology. Read more »

Adobe Flash 9 update to destroy and save Web apps

Adobe is issuing an update to Flash Player 9 that it hopes will prevent Flash-based Web applications being used to launch attacks against consumers — but the update may also stop Flash apps working if developers don't heed Adobe's recommendations. Read more »

Security experts warn of potential malicious AIR code

On Monday, Adobe Systems rolled out its new Web 2.0 development tool, Adobe Integrated Runtime, or AIR. Following its release were some concerns from the security community. Read more »

Mozilla unleashes Firefox patch threesome

Mozilla has released Firefox version 2.0.0.10, an update which addresses three high-impact security vulnerabilities. Read more »

Web 2.woe: Simple security flaws going unfixed

Web application vulnerabilities are simple to fix -- but they're here to stay and will likely get worse, say security analysts. Read more »

Howard 'hacker' pleads innocence

The so-called "Howard hacker", who has apparently been reported to the Australian Federal Police, told ZDNet Australia that he is innocent of defacing the Liberal Web site. Read more »

More Xss News Results

Features (6)

Paranoid cookie management

How much paranoia you employ in web cookie management determines how much work you must put in, and which strategies you'll use. Read more »

Twitter: Under attack

We all knew it was going to happen sooner or later. So it's no surprise that Twitter is under attack. The important thing now is knowing what to do about it. Read more »

Security in the Web 2.0 Era

At the Gartner Symposium ITxpo 2008 in Sydney this week, Andrew Walls, the research director and security analyst at Gartner presented "Security in the Age of E-Commerce and Web 2.0". Read more »

Be aware of AJAX's drawbacks

Some developers view AJAX as the silver bullet for every scenario. However, AJAX introduces its own set of hazards in various areas, which include: development time, browsing history and experience, search engine interaction, accessibility, server load, and security. Read more »

What is cross-site scripting?

Cross-site scripting, also known as "XSS," is a class of security exploit that has gotten a fair bit of attention in the last few years. This article explains what it is and where the dangers lie. Read more »

Play!
The Web needs an overhaul

Rasmus Lerdorf, the father of PHP, says that the Web is inherently broken and needs an overhaul to the entire infrastructure: browsers, servers and scripting languages. Read more »

Video (5)

Play!
Security on the Web

Rasmus Lerdorf, creator of PHP, discusses security on the Web. He explains how almost all sites are vulnerable and why the entire structure of the Web needs an overhaul. Read more »

Play!
Adobe creates 3D view of subjects

At the 6sight conference in Monterey, California, John Loiacono, senior vice president for Adobe Creative Solutions, demonstrates developing technology that constructs a 3D view of a subject from images collected on the Internet. Read more »

Play!
Zoho takes on Microsoft, Google

ZDNet editor-in-chief Dan Farber and Webware.com's editor Rafe Needleman sit down with AdventNet's CEO Sridhar Vembu to find out about Zoho's office productivity suite and how the CEO plans to compete against Microsoft and Google. Farber and Needleman then analyse the company's business model and determine Zoho's chance for success in the emerging Web 2.0 office software market. Read more »

Play!
Rusty's message to C++ programmers

Rusty Russell presents a community service announcement to all C++ programmers Read more »

Play!
The future of C

Rusty Russell discusses how multiple cores and the increasing size of computer memory will affect the future direction of C. Read more »

Blog (3)

AJAX applications and security

Lana Kovacevic [blogs:webanatomy] -- Douglas Crockford, the creator of JSON, gave a talk entitled "AJAX Security" at the recent Web Directions South conference. In this talk, Crockford discussed some of the security concerns with AJAX applications and what can be done to address them. Read more »

The 2008 Trends and Threats to Internet security

Lana Kovacevic [blogs:webanatomy] -- I recently came across the IBM Internet Security Systems X-Force 2008 Mid-Year Trend Statistics report, which outlines issues affecting internet security, including application vulnerabilities, phishing, malware and spam. Read more »

XSS fun with Howard: Liberal Party says no

Staff [blogs:syslog] -- Political parties have no sense of humour. Far from being a revelation, it was merely reinforced yet again as both the major parties in this country had their sites fall victim to XSS. Read more »

Log in


Sign up | Forgot your password?

Blogs

RSS feed

  • Staff Microsoft shows off IE9 preview

    This week, highlights from Microsoft's MIX10 conference and more in the Roundup. Read more »

    -- posted by Staff

  • Chris Duckett IE9's H.264 vote killed Ogg

    In a split decision by the judges, the winner of the W3C/WHATWG video codec consensus is H.264, taking home the future of video playback on the internet while loser Ogg goes home with nothing but thoughts of what might have been. Read more »

    -- posted by Chris Duckett

  • Staff Google launches Apps Marketplace

    Google launches and app store, while Mozilla plans to re-write its open-source license. More of this week's news in the Roundup. Read more »

    -- posted by Staff

What's on?

  • Optus Deal

    Broadband + home phone + PlayStation®3 in a single package price!