I'm Sure Everything You Do Online Is Safe

...sorry I held my laughter as long as I could. Now let's think about this for a minute. These small yet profitable companies probably have a few more dollars than you for online security and yet they are victims, hmmm...!  ...Butch

F-Secure, McAfee and Symantec websites again XSSed

Written by DP
Friday, 13 January 2012

Once again, the websites of the three famous antivirus vendors are vulnerable to cross-site scripting. The vulnerabilities were reported by "Zeitjak" and "dick" back in mid-April 2011 and appear to be working still. They can be triggered on...

Not surprisingly, McAfee websites are susceptible to XSS attacks

Written by DP & KF
Wednesday, 30 March 2011

Famous antivirus vendor McAfee has been all over the news the past few days, regarding cross-site scripting and information disclosure vulnerabilities that affected several of its websites. It all started when...

Secure Amazon Seller Central password reset page XSSed

Written by DP
Wednesday, 13 October 2010
Just another critical cross-site scripting vulnerability has been reported by "See Me" for Amazon Seller Central, a secure website where sellers who signed up for the "Checkout by Amazon" service can view and manage their orders...

EV SSL-secured live PayPal site vulnerable to XSS

Written by DP
Wednesday, 6 October 2010

"d3v1l" from Security-Sh3ll has reported another critical XSS flaw affecting the live PayPal site, where "real money" changes hands... This XSS vulnerability once more undermines the security of Extended Validation SSL (EV SSL) digital certificates...

Persistent XSS bug discovered on eBay

Written by DP
Wednesday, 6 October 2010

Security researcher "Side3ffects" has contacted us regarding a critical persistent XSS that he discovered on eBay... One of the possible exploitation scenarios is malicious people stealing cleartext credentials from registered users by injecting an iframe tag that retrieves another rogue eBay login page from a remote server... 


Reference: