XSS

Home is where the XSS is: DHS Warns of Flaw in Building Automation System

In-brief: the Department of Homeland Security warned on Thursday that a common home automation controller manufactured by the firm Schneider Electric contains a software flaw that could leave the device vulnerable to hacking. 

Update: Vulnerability Prompts Warning: Stop Using Netgear WiFi Routers

In-brief: A serious security hole in the software that runs certain models of wifi routers made by the firm Netgear prompted warnings to customers to stop using them until a fix can be found. (Editor’s Note: updated with comment from Netgear. PFR 12/12/2016)

RSA VOHO Attack Graphic

Last of OWASP’s Top 10 Still a Potent Threat

In-brief: Open redirects and forwards may be at the bottom of OWASP’s Top 10 list of web application security vulnerabilities, but they are still a potent and widespread problem, says Akamai’s Or Katz, who offers some suggestions for fixing it.