Security

Extended Validation Certificates And XSS Considered Harmful.

A cross-site scripting vulnerability on the popular SourceForge.net website shows how Extended Validation SSL certificates could be exploited by fraudsters. Piggybacking on the anticipated extra trust instilled by the presence of an EV SSL certificate, arbitrary content could be injected onto the secure page at SourceForge to create a very convincing phishing attack.


Add your comment:
Name:
Site address: http://
Your message:
Enter today\\\\'s date, 2 digits
(spam protection):

Categories
Hardware
HT-News
IT-Services
Networks
Reviews
Security
Software
News of the day
Oracle launches free database.
Oracle plans to release a free version of its database in an attempt to compete more effectively at the low end of the market.
Popular Articles

Italy enacts national ban for phones in schools.
Rome (Italy) - Italy has banned the use of cell phones in schools across the country, making it reportedly the first European nation to implement such a statewide ban.

INSZoom.com Now Supports Digital Signatures in Immigration Forms
INSZoom.com, Inc., introduces a digital signature component to its immigration case management software, enabling a more effectively workflow process for its global clients.

© Copyright 2009