Hacks Drugs and Rock n Roll: Web2.0 application security

Monday, February 04, 2008

Web2.0 application security

SOA, RIA, and Ajax are the backbone behind the now widerspread Web 2.0 applications such as MySpace, GoogleMaps, and Wikipedia. Although these robust tools make next generation web applications possible, they also add new security concerns to the field of web application security. Yamanner, Samy and Spaceflash type worms are exploiting “client-side” Ajax frameworks, providing new avenues of attack and compromising confidential information. Portals like Google, NetFlix, Yahoo and MySpace have witnessed new vulnerabilities in the past. These vulnerabilities can be leveraged by attackers to perform Phishing, Cross-site Scripting (XSS) and Cross-Site Request Forgery (XSRF) exploitation.

| View | Upload your own

No comments:

Post a Comment

Disclaimer

Everything on this blog are only my views and opinions, and are not those of my current or past employers, investors, customers or anybody else. I make no representations as to the accuracy, validity, relevance or importance of anything I say here. Some of what is said here could very well be true (most likely by accident), a lot of it is obviously made up, and all of it is only one man's opinion. All spelling and grammatical errors are purposefully placed to throw any lawyers off the trail. And if you are a lawyer, "move along... this isn't the blog you're looking for". Read and listen entirely at your own risk, and please, don't try any of this at home (work or school.) Now, get back to work - before somebody catches you reading blogs all day instead of doing something productive. And yes, consider yourself notified.

Hacks Drugs and Rock n Roll

Monday, February 04, 2008

Web2.0 application security

No comments:

My Twitter Updates

Subscribe to My Blog Feed

About Me

Blog Archive

Blackhat

Disclaimer