SEARCH RESULTS
 
Showing 1-10 of 29 records
 
Expand article

Automating web application security testing

2007-07-16 11:40:00 by Panayiotis Mavrommatis in Google Online Security Blog
 
...characters being inserted from untrusted sources into an HTML document, the issue can be avoided either by filtering/disallowing the meta characters, or by escaping them appropriately for the given HTML context. For example, the HTML meta characters , &, " and ' must be replaced with their corresponding HTML entity references , &, " and '...
 
Tags: web application, application, input, input parameters, accepts user input, xss, xss vulnerabilities, security, security team check
 
 
 
 
Expand article

NASDAQ Symbology Change

2007-12-14 03:18:47 by RSnake in ha.ckers.org web application security lab
 
...characters came up and one of the things they mentioned being worried about was symbology changes at NASDAQ. For those of you who dont follow this kind of stuff, the old ticker symbols constituted a fairly small subset of possible combinations. The symbology change was designed to allow greater flexibility in the future of the naming...
 
Tags: symbology, symbology change, characters, legal characters, special characters, nasdaq, ticker symbols, stock market, millions
 
 
 
 
Expand article

Supporting Complex Passwords

The Article has images
2007-12-04 08:56:00 by Keith Brown in Security Briefs
...characters or less One possibility is that the password for your LiveID is complex - meaning longer than 8 characters and composed of characters other than just letters and numbers. The activation system has reportedly had issues with this in the past. If that is the case for your ID, you may want to consider changing the password temporarily...
 
Tags: passwords, complex passwords, complex, passwords hit, password temporarily, temporarily, password, strong passwords, password minder
 
 
 
 
Expand article

More thoughts on vulnerability

2008-04-07 13:34:01 by JonesJ in RiskAnalys.is
 
...characters A six-character password made up solely of alphabetic characters A four-character PIN made up solely of numbers A fourteen-character password made up of alpha, numeric, and special characters Actually, there are a couple of rational answers 1) it depends, and 2) all of them, to some degree. As I think about it, maybe these are both...
 
Tags: capable threat agent, threat agent, capable, password, vulnerability, six-character password, vulnerable, -character password, numeric
 
 
 
 
Expand article

Roboticsonline.com customer orders compromised

The Article has images
2008-01-04 14:51:08 by Evan Francen in The Breach Blog
...characters, longer than 8 characters and doesn't use words found in the dictionary takes one helluva long time to crack (many years). A weak password can be broken almost instantaneously. So either the admin was using a weak password, or the site was compromised in another manner such as a vulnerability in the software Either way, it is sad...
 
Tags: secure administration site, administration site, credit card information, information, site, credit card provider, credit card, password, evan roboticsonline
 
 
 
 
Expand article

What Does SHA1 is Broken Mean?

2007-12-12 07:35:00 by Eric Marvets in The Security Samurai
 
...characters in length (for SHA256, it would be 44 characters). If the database allowed passwords that size, then its trivial to add support for hashing The other reason is that there are far easier ways of attacking a password field than targeting SHA1. An offline dictionary attack against the users passwords is several orders of magnitude...
 
Tags: sha1, choose sha1, sha1 protects, hash data, data, sha1 drops, hash function, hash, function
 
 
 
 
Expand article

Inane security questions

2008-02-18 23:07:19 by Richard Clayton in Light Blue Touchpaper
 
...characters long and contain at least 1 numeric or non-alphabetic character). So far so good If I forget this password, I will be required to answer two security questions, which I get to choose from a little shortlist. Theyve eschewed mothers maiden name, but the system designer seems to have copied them from Bebo or Disneys Mickey Mouse...
 
Tags: questions, security questions, favourite, favourite entertainer, non-alphabetic character, password, favourite teacher, online system, main childhood phone
 
 
 
 
Expand article

Using remote AS400 commands in a Windows environment

2008-05-16 14:41:44 by Shahar Mor in WhatIs: Enterprise IT tips and expert advice
 
RUNRMTCMD is the AS400 implementation of REXEC client and it supports 2000 characters, but the REXEC daemon from iSeries Access only supports up to 1000 characters. To run a long command, such as a SQL Server IS package, you will want to use a different REXEC daemon
 
Tags: rexec daemon, sql server, characters, as400 implementation, rexec client, iseries access, supports, runrmtcmd, package
 
 
 
 
Expand article

The new golden age of comics

The Article has images The Article has embedded video
2008-06-21 17:31:58 by HASH0x8473354 in StillSecure, After All These Years
...characters faded away Over the years the comic industry tried to regain their former glory, but the age of the superhero was over. Yeah there was the TV cartoons, who didn't watch Superman or Batman when you were little. Some of you like me, may have even watched the Marvel Superhero Show that had short segments of many of the Marvel...
 
Tags: batman movies, batman, movies, movie, movie debuts, movies aimed, aimed, hulk movie, superman movies
 
 
 
 
Expand article

XSS Comedy at McAfee Secure's Expense

2008-06-30 21:10:00 by Russ McRee in HolisticInfoSec.org
 
...characters removed or Blogger will let me XSS myself), you won't get much use from such a string via either direct form submittal or URL encoding. But when the site barfed up '; // LEAVE THIS VALUE var sli cId = 90; , while under investigation, my ruh-roh meter went off I decided to play with my trusty marquee test and found interesting...
 
Tags: site