About the Author

Chris Shiflett

Chris Shiflett is an author and speaker who leads the web application security practice at OmniTI.


PHP & Web Application Security Blog

Nov 2008

Facebook Worm

While Sean was visiting the NY office this past week, he noticed a Facebook message from one of his friends that included a suspicious link. When he clicked it, Firefox displayed a Reported Attack Site alert. Clearly, Sean's friend did not intentionall...

Oct 2008

Font Linking

With a gentle prod from Jon, I've been reading about the hot topic of font linking. I have as many questions as answers, but I'm going to try to share what I've learned so far, and I hope you'll join the conversation. Jon provides a good history, and ...

Sep 2008

ZendCon

Another ZendCon has come and gone. I've been cutting back on the number of conferences I attend, but I've been to every ZendCon so far, and I hope to continue the trend for years to come. Along with php|tek, it's one of the best perennial PHP conferenc...

Aug 2008

Inspecting and Hacking HTTP

There are numerous reasons you might want to inspect HTTP when debugging a problem. If you've ever tried to debug problems with sessions, cookies, or redirects, I'm sure you can appreciate how hard it is without taking a close look at what's going on b...

Security 2.0 in Cincinnati

I'll be visiting Cincinnati briefly tomorrow (Thu, 21 Aug 2008) to give my talk entitled Security 2.0 at the local PHP user group, OINK-PUG. Elizabeth Naramore is kindly hosting me, so I'll be able to fraternize after the meeting, which is always the b...

End of Life for PHP 4

Today is 8/8/8, which is interesting for a few reasons, one of which is that it marks the end of PHP 4. What does this mean? It means yesterday's release of 4.4.9 is the final release of PHP 4. More information can be gleaned from the mailing list arch...

New Comments

Dave wrote:

Hi Seth, I'm experiencing exactly the same problem as you have. Have you fixed it? How?

Posted in
Matt Robinson wrote:

Wotcha Chris, thanks for the tip about headers in the web inspector, I hadn't noticed them! (Actu...

Posted in Inspecting and Hacking HTTP
Stelian Mocanita wrote:

Not much I know so far, didn't get far with debugging it to get as far as http headers but I know...

Posted in Facebook Worm
Chris Shiflett wrote:

Yes, good point. The message this worm sends is really just a phishing attack, and Facebook is do...

Posted in Facebook Worm
yawnmoth wrote:

Given that Samy required no action on the user's part, above and beyond viewing an infected user's ...

Posted in Facebook Worm
Radu wrote:

Interesting article - unfortunately more and more legitimate websites are reported attacked just ...

Posted in Facebook Worm
