Security

cross-site scripting (XSS)

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk/image/upload/f_auto,t_card-mobile@1/v1570817175/itpro/2018/09/bajavascripthack_shutterstock_720388555.jpg { display: none !important; }

What is cross-site scripting (XSS)?

How XSS exploits work and how to defend against them

7 Apr 2021

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk/image/private/s--woKEq-FV--/f_auto,t_card-mobile@1/v1571757042/itpro/2019/10/google_chrome_security.jpg { display: none !important; }

Google Android

Android gets new security sandboxing features

Google brings mobile site isolation to Chrome to protect against ‘Spectre-like’ attacks

18 Oct 2019

Graphic of a person stealing cryptocurrency from a laptop

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk/image/upload/f_auto,t_card-mobile@1/v1570816542/itpro/2018/11/shutterstock_778382566.jpg { display: none !important; }

cyber crime

Hackers infiltrate StatCounter to steal Bitcoin from gate.io

“Supply-chain attack” saw more than 680,000 sites actively infected but the code only specified an address used by gate.io

8 Nov 2018

A padlock on a motherboard surrounded by keys

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk/image/upload/f_auto,t_card-mobile@1/v1570815120/itpro/2016/03/padlock_and_keys_security_privacy_breach.jpg { display: none !important; }

penetration testing

Vulnerabilities in web apps at the heart of 73% of breaches

Pen test analysis finds 43% of companies have low or extremely low levels of security

17 Aug 2018

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk/image/upload/f_auto,t_card-mobile@1/v1570816329/itpro/2017/02/dell_emc_dellemc.jpg { display: none !important; }

cross-site scripting (XSS)

Researchers warn of nine CVEs in Dell EMC's Isilon platform

The company's OneFS storage OS is vulnerable to cross-site request forgeries and privilege escalation

15 Feb 2018

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk/image/upload/f_auto,t_card-mobile@1/v1570811787/itpro/images/dir_184/it_photo_92437.jpg { display: none !important; }

Security

Microsoft to fix IE XSS filter flaw in June

Microsoft will fully patch the flaw in June, after it was disclosed at the European Black Hat conference.

20 Apr 2010

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk/image/upload/f_auto,t_card-mobile@1/v1570812666/itpro/images/dir_164/it_photo_82039.jpg { display: none !important; }

Security

Twitter XSS flaw could allow hackers to take over

A bug found in Twitter’s API still hasn’t been fixed yet.

27 Aug 2009

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk/image/upload/f_auto,t_card-mobile@1/v1570812856/itpro/images/dir_163/it_photo_81577.jpg { display: none !important; }

Security

Cross-scripting flaws patched in Adobe app software

Adobe said that this time criminals haven’t had the time to take advantage of the vulnerabilities.

18 Aug 2009

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk/image/upload/f_auto,t_card-mobile@1/v1570812439/itpro/images/dir_158/it_photo_79069.jpg { display: none !important; }

Security

Mozilla working to defend web against XSS attacks

Firefox's makers have been working on new tech to possibly shut down the threat of legitimate websites corrupted by malicious code.

24 Jun 2009

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk/image/upload/f_auto,t_card-mobile@1/v1570812434/itpro/images/dir_155/it_photo_77696.jpg { display: none !important; }

Security

Python XSS flaw left Google open to attackers

A security researcher reveals how a scripting flaw left many Google services open to an attacker.

14 May 2009

cross-site scripting (XSS)

What is cross-site scripting (XSS)?

Android gets new security sandboxing features

Hackers infiltrate StatCounter to steal Bitcoin from gate.io

Vulnerabilities in web apps at the heart of 73% of breaches

Researchers warn of nine CVEs in Dell EMC's Isilon platform

Microsoft to fix IE XSS filter flaw in June

Get the IT Pro newsletter

Get the free daily newsletter from IT Pro, delivering the latest news, reviews, insights and case studies

Twitter XSS flaw could allow hackers to take over

Cross-scripting flaws patched in Adobe app software

Mozilla working to defend web against XSS attacks

Python XSS flaw left Google open to attackers