6th December 2018
Cross-site scripting (XSS) uses the trust of browsers and ignorance of users to steal data, take over accounts, and deface websites; it’s a vulnerability that can get very ugly, very quickly. Let’s take a look at how XSS works, what damage can be done, and how to prevent it.…
27th September 2017
The bug is still out there. It isn't something that can be fixed right away. Over the past few months, I contacted dozens of companies and affected vendors as part of their bug bounty programs in order to get their setup fixed.…
18th September 2017
Positive-reinforcement campaigns are often one of the best ways to modify risky behavior, but they're definitely an outlier…
12th September 2017
Skip forward to 2016 and a security researcher found a common vulnerability known as cross-site scripting (XSS) on the main Equifax website, according to a tweet from a researcher who goes by the name x0rz.…