Hacks Happen - Conservative estimates put the total annual IT security spending in the US at $50 billion and e-crime losses at $100 billion. We are losing two dollars for every dollar spent. Those numbers are said to be worse on a global scale. Newly passed laws, industry regulation, and press coverage have certainly raised the profile of the problem, but where have these actions really gotten us?
732c1f50ff097c1e696ca7bc02cfc76b46a8058c253e98d918cd850d46a2557cRecent versions of Adobe Reader (previously known as Acrobat Reader) are vulnerable to XML External Entity (XXE) Attacks. By including a JavaScript in a PDF file, and have this JavaScript parse an embedded XML document with a reference to an external entity, it is possible to read certain types of textual files on the local computer, and have them sent to a remote attacker.
e4eb9bd6d086fc72abf05dc8225eb8384fbc26f2134d79f9587ff4deefa90078The 80/20 Rule for Web Application Security: Increase your security without touching the source code . This article discusses ways to make your website more difficult to exploit with little effort.
bba7f7e823c6583f2e30e376b8c5ab99b4d303a27d637867f9f30645116bb148
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed