Welcome to MSDN Blogs
Sign in
|
Join
|
Help
random dross
Web security and beyond...
This Blog
Email
Syndication
RSS 2.0
Atom 1.0
Search
Go
Tags
ActiveX
Computer Security
Cross-Site Scripting
De-obfuscation
General
Internet Explorer
Kill-Bit
Sidebar Gadgets
Web Application Security
XSS
Archives
May 2008 (1)
March 2008 (1)
February 2008 (1)
December 2007 (1)
September 2007 (1)
August 2007 (2)
July 2007 (1)
June 2007 (1)
December 2006 (1)
November 2006 (1)
October 2006 (2)
September 2006 (1)
June 2005 (2)
Other Blogs
The MSRC Blog
The IE Blog
Stepto's Blog
Michael Howard's Blog
Rob Hensing's Blog
Security Vulnerability Research & Defense
Other Useful Stuff
Fiddler HTTP Debugging Proxy
Security
Anti-Phishing Working Group
The Open Web Application Security Project
SecurityFocus
Internet Storm Center Handler's Diary
August 2007 - Posts
Wednesday, August 22, 2007 12:48 PM
An innovative new defense against cross-domain vulnerabilities
Cross-domain (or “Universal XSS”) vulnerabilities have long plagued modern script-enabled web browsers. Shuo Chen of Microsoft Research has developed a new type of defense against these vulnerabilities. A paper on this new approach has been accepted to
Posted by
dross
|
0 Comments
Filed under:
Computer Security
,
Internet Explorer
Friday, August 03, 2007 11:17 AM
Pinning / Rebinding / Quick-Swap DNS Links
A group at Stanford has been researching these issues and recently published Protecting Browsers from DNS Rebinding Attacks . Also, Dan Kaminski has published his slides from Blackhat 2007, Black Ops 2007: Design Reviewing The Web .
Posted by
dross
|
0 Comments
Filed under:
Computer Security
,
Web Application Security