Pwnie Award Nominee

Yesterday a friend of mine let me know that some of my BT Home Hub security research (details here and here) got nominated for the Pwnie Awards.

At first I thought oh, that’s cool, but then I learned the category my research had been nominated to: Most Overhyped Bug. [...]

more | comments | comments rss | posted by

Vulnerabilities in Skype

Aviv has already done most of the work but I would like to add a few more notes on the recently reported Skype Cross-site Scripting issue. In general, the issue is pretty much underestimated. The vulnerability is not of a type Cross-site Scripting bug, but mostly a Cross-site Scripting bug on DailyMotion, which results into a Cross-zone Scripting issue within Skype due to the unlocked IE controller Skype makes use of. [...]

more | comments | comments rss | posted by