Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Clear all filters

Articles

Sort results

Defeating Attacks Easier Than Detecting Them

Defeating modern attacks – even distributed ones – isn’t the problem. The problem is detecting them in the first place. Last week researchers claimed they’ve discovered a way to exploit a basic security flaw that’s used in software that’s in... Read more
0 Reviews

Out, Damn’d Bot! Out, I Say!

Exorcising your digital demons Most people are familiar with Shakespeare’s The Tragedy of Macbeth. Of particularly common usage is the famous line uttered repeatedly by Lady Macbeth, “Out, damn’d spot! Out, I say” as she tries to wash imaginary... Read more
0 Reviews

Are You Scrubbing the Twitter Stream on Your Web Site?

Never never trust content from a user, even if that user is another application. Web 2.0 is as much about integration as it is interactivity. Thus it’s no surprise that an increasing number of organizations are including a feed of their recent... Read more
0 Reviews

Are You Scrubbing the Twitter Stream on Your Web Site?

Never never trust content from a user, even if that user is another application. Web 2.0 is as much about integration as it is interactivity. Thus it’s no surprise that an increasing number of organizations are including a feed of their recent... Read more
0 Reviews

When Is More Important Than Where in Web Application Security

While you spend your time arguing over where application security belongs, miscreants are taking advantage of vulnerabilities. By the time you address the problem, they’ve moved on to the next one. Dmitry Evteev @ Positive Technologies Research... Read more
0 Reviews

Excuse Me But Is That a Gazebo On Your Site?!

There are few things in reality that can match The Gazebo in its ability to evoke fear and suspicion amongst gamers. The links on your web site may be one of them. In the history of Dungeons and Dragons there exists the urban legend known to... Read more
0 Reviews

Jedi Mind Tricks: HTTP Request Smuggling

How to defeat the ancient Jedi mind trick known as HTTP Request Smuggling.  HTTP Request Smuggling (HRS) is not a new technique; it's been around since 2005. It takes advantage of architectures where one or more intermediaries (proxies)... Read more
0 Reviews

The Web 2.0 Botnet: Twisting Twitter and Automated Collaboration

Collaborating automatically via Web 2.0 APIs is a beautiful thing. I can update status on Twitter and it will automagically propagate to any number of social networking sites: Facebook. FriendFeed. MySpace. LinkedIn. If I had to do it all... Read more
0 Reviews

Ruby developers ignore security risks, claim X-JSON header ‘nothing serious’

Those who cannot remember the past are condemned to repeat it. George Santayana, The Life of Reason, Volume 1, 1905 US (Spanish-born) philosopher (1863 - 1952) This oft repeated quote needs to be tweaked just a bit to be more applicable to... Read more
0 Reviews

I am in your HTTP headers, attacking your application

Zero-day IE exploits and general mass SQL injection attacks often overshadow potentially more dangerous exploits targeting lesser known applications and attack vectors. These exploits are potentially more dangerous because once proven through a... Read more
0 Reviews

BusinessWeek takes viral advertising a little too seriously

Yesterday it was reported that BusinessWeek had been infected with malware via an SQL injection attack. [begin Mom lecture] Remember when we talked about PCI DSS being a good idea for everyone, even though... Read more
0 Reviews