If you want to make the world safer, start with the smart things in your home. Or, to be more specific, start with your router – the core of any home network as well as an interesting research object. And that router you got from your ISP as part of your internet contract is even more interesting when it comes to research. Read Full Article
Today, Microsoft released a set of eight security Bulletins (MS13-059 through MS13-066) for a broad variety of vulnerable technologies and exploit categories. The critical vulnerabilities are not known to be exploited publicly at the time of Bulletin release. The more interesting Bulletins… Read Full Article
A short while ago, I decided to prepare a presentation on web vulnerabilities and specifically on XSS attacks. I selected the most popular Russian social networking website, VKontakte.ru, as a test bed. Read Full Article
Another live XSS vulnerability in Orkut affected more than 180,000 users in Brazil. Read Full Article
There is a new, actively exploited XSS on Twitter. Read Full Article
How does a computer get infected if you’re just surfing the Internet? And how do cybercriminals make money from tricking users? This article aims to answer these questions. Read Full Article
A new Twitter XSS exploit was identified in the wild as it started to be used by cybercriminals overnight. Read Full Article
On Saturday an alert went out about a new Twitter worm. Could this have been another XSS-Worm? Upon clicking the link users would see the following… Read Full Article
Today we’ve seen a new variant of Net-Worm.JS.Twettir going around on Twitter. Kaspersky products detect it as Net-Worm.JS.Twettir.h. This worm appeared just after an announcement that a firm has hired the author of the original worm. Not wanting to stray too much from the intended topic of this… Read Full Article
Over the weekend we’ve seen a number of Cross Site Scripting worms for twitter. We detect these XSS worms as Net-Worm.JS.Twettir variants Read Full Article