30mins Introductionary Presentation on Client-side Security

I was asked to have a 30 minutes long introductionary presentation on client-side security issues. Although the presentation is very basic and high-level oriented, as it was designed to serve as an overview rather then as an in depth analysis, I thought that still someone may find it useful or may use it in their own presentations.

You can download the PDF version from here and the ODT version from here. Let me know if it works for you.

more | comments | comments rss | posted by

Vulnerabilities in Skype

Aviv has already done most of the work but I would like to add a few more notes on the recently reported Skype Cross-site Scripting issue. In general, the issue is pretty much underestimated. The vulnerability is not of a type Cross-site Scripting bug, but mostly a Cross-site Scripting bug on DailyMotion, which results into a Cross-zone Scripting issue within Skype due to the unlocked IE controller Skype makes use of. [...]

more | comments | comments rss | posted by