Network World

How to protect against cross-site request forgery attacks

Cross-site request forgery (CSRF) attacks are becoming a more common attack method used by hackers. These attacks take advantage of the trust a website has for a user’s input and browser. The victim ...
Threat Post

Cisco Patches High-Severity Flaws in IP Phones

The most serious vulnerabilities in Cisco’s 8800 Series IP Phones could allow unauthenticated, remote attackers to conduct a cross-site request forgery attack or write arbitrary files to the ...
Threat Post

Two Popular IP Cameras Riddled With Vulnerabilities

Two IP cameras sold by Loftek and VStartcam are leaving over 1.3 million users open to 21 vulnerabilities that range from a lack of HTTPS encryption to bugs that open users up to cross-site request ...
Network World

Fortify identifies JavaScript vulnerability in AJAX apps

Security vendor Fortify today said it has identified a JavaScript-related vulnerability that lets an attacker hijack a Mozilla or Microsoft Internet Explorer Web browser session. The vulnerability, ...
Ars Technica

Website drive-by attacks on routers are alive and well. Here’s what to do

Website drive-by attacks that try to booby trap visitors’ routers are alive and well, according to antivirus provider Avast, which blocked more than 4.6 million of them in Brazil over a two-month span ...