Month: March 2015

Don’t Forget the Little Things!

On January 31st, Deusen disclosed what was described as a Same Origin Policy Bypass flaw called “Universal XSS (U-XSS)” in IE 9 through 11 on Full Disclosure.  This zero-day is another reminder of why a “Defense in Depth” strategy is so important, even within web applications.  That’s because this particular flaw has to do with …

Don’t Forget the Little Things! Read More »

CarolinaCon 11 Slides for Anatomy of Web Client Attack

For those who have asked – my slide deck for Anatomy of Web Client Attacks can be downloaded here. Jason Gillam is a Senior Security Consultant with Secure Ideas. If you are in need of a penetration test or other security consulting services you can contact him at jgillam@secureideas.com, on Twitter @JGillam, or visit the …

CarolinaCon 11 Slides for Anatomy of Web Client Attack Read More »

Scroll to Top