Saturday, October 28, 2006

German XSS Madness

Thanks to the EOF Projekt for their drive-by list of European banks vulnerable to cross-site scripting -- specifically IFRAME insertion attacks.

I still maintain that live XSS phishing attacks are rare in the real world -- they're not very repeatable, and depend on a weakness in the target bank's infrastructure -- but well-documented failures in web site design certainly aren't helping.
