We use cookies to help make our site work properly and to analyze how our site is used. Some are optional, but none contain your personal information, and we don't use any for ads. You can view our cookies policy, manage your cookie preferences, or consent and dismiss this banner by clicking agree:

Agree
ExpressionEngine CMS
Open, Free, Amazing

Thread

This is an archived forum and the content is probably no longer relevant, but is provided here for posterity.

The active forums are here.

Business Logic Flaws

August 11, 2008 7:18pm

Subscribe [0]

  • #1 / Aug 11, 2008 7:18pm

    Pascal Kriete

    2589 posts

    Most of you probably know that the BlackHat and DEFCON security conferences happened last week.

    Jeremiah Grossman (CTO of WhiteHat security) posted his BlackHat presentation on his blog today, and I thought I should share:
    Get Rich or Die Trying

    Most of us are aware of the same old security issues surrounding web-applications.  XSS and CSRF attacks, SQL injection, DNS poisoning.  The list of acronyms goes on.  What this presentation aims at are business logic flaws, and how they’re exploited.  Sometimes it doesn’t take any illegal activity to compromise an application.

    Something to keep in mind.

    Cheers.

.(JavaScript must be enabled to view this email address)

ExpressionEngine News!

#eecms, #events, #releases

© Packet Tide, All Rights Reserved. Legal Notices

Username

Password

Forgot password?
or Register