Get up-to-the-minute news and opinions, plus access to a wide assortment of IT security resources that will keep you current and informed.

Keep me logged in Forgot your password?

Please wait...

Please wait...

 Cross-Site Request Forgery

Google to offer up to 20K prize for bug finds

April 25, 2012

Google has significantly increased its finder's fee for vulnerability researchers.
 

Google extends bug bounties to YouTube, other sites

November 01, 2010

Google on Monday announced plans to extend its existing Chrome browser bounty program to cover some of its other properties, such as YouTube, Blogger and Orkut.
 

Symantec secures its vulnerable "Hack is Wack" site

September 07, 2010

Security giant Symantec said it has secured its "Hack is Wack" contest website after researchers discovered it was riddled with vulnerabilities.
 

Facebook seals shut CSRF vulnerability

May 18, 2010

Facebook has plugged a cross-site request forgery (CSRF) vulnerability that could have allowed attackers to alter privacy settings and deface profiles on the behalf of unwitting users, according to a security advisory released Monday by network security firm Alert Logic. The "critical" bug could had been exploited by bypassing Facebook's anti-CSRF controls and tricking a logged-in user to click on a malicious link. The vulnerability, discovered by M.J. Keith, senior security analyst at Alert Logic, was reported to Facebook on May 11 and patched Monday. The flaw appears to never have been publicly known. — DK
 
Popular Topics
4G-war Account Information Advanced Persistent Threat Anonymous Apple Threats Botnets Cyber Attacks Cyber Crime Data Breach Data Breaches Encryption Hackers Hacktivism Health Care IT Security Java Malware Mobile Devices Phishing Risk Management Social Security Numbers Stolen Information Survey Trojans Vulnerabilities & Flaws