Three weeks ago Path.com was fined for stupidly stealing their user’s contact list and saving it onto their servers. Path’s doing was obviously wrong but I’m not sure that their punishment was really justified, needing to pay this enormous bribe to the FTC using COPPA as »
So my favorite script kiddy and copycat, Feross (copied, note the shameless “I discovered” in his Quora post, LoL) Found a social engineering flaw in the HTML5 fullscreen mode that can be used for phishing attacks. This time it might be even his own finding… what do you know 😉 This »
Two weeks ago this guy managed to revive my 3 years old Webcam ClickJacking POC and also managed to revive some of the buzz surrounding it. The revived attack is exactly the same as my 2008 POC it even uses lots of my code. The different is that instead of »
*Update: *Youtube has revived my video. you can now watch Webcam Clickjacking as much as you like. — Remember ClickJacking? The generic flaw in web browsers and HTML. Remember Webcam Clickjacking? My PoC showing how this flaw can be used to take control over a victim webcam and mic. Well, my »
I was going to congrat Adobe for their fix to the private browsing in Flash, this was my original text: I’m glad to say that Adobe has fixed the minor issue they had with the new Flash Player 10.1 private browsing. I’ve written before on how a »