Group items tagged

This time I want to speak on the 'printf' function. Everybody has heard of software vulnerabilities and that functions like 'printf' are outlaw. But it's one thing to know that you'd better not use these functions, and quite the other to understand why. In this article, I will describe two classic software vulnerabilities related to 'printf'. You won't become a hacker after that but perhaps you will have a fresh look at your code. You might create similar vulnerable functions in your project without knowing that. STOP. Reader, please stop, don't pass by. You have seen the word "printf", I know. And you're sure that you will now be told a banal story that the function cannot check types of passed arguments. No! It's vulnerabilities themselves that the article deals with, not the things you have thought. Please come and read it.

The Reform library provides a solid set of functions for encoding output for the most common context targets in web applications (e.g. HTML, XML, JavaScript, etc). The library also takes a conservative view of what are allowable characters based on historical vulnerabilities, and current injection techniques.

Asp.Net forum post announcing the Anti-Cross Site Scripting (XSS) library from Microsoft, with links to downloa.d and documentation

Nepenthes is a tool which surfs while emulating known vulnerabilities and downloads malware which tries to exploit them.

A list of the most widespread and critical errors that can lead to serious vulnerabilities in software. They are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.

Google has taken steps to block ads for e commerce sites that use Polyfill.io service after Chinese company acquired the domain and modified the Javascript library to redirect users to scam and malicious sites. Polyfill is famous library that incorporates help for functions in web browsers. China based content delivery network CDN company Funnull. Over 110,000 sites that embed the library  are affected by supply chain attack. Sansec add in Tuesday report. The development urges web infrastructure providers Fastly and Cloudflare to offer other endpoints to assist users move away from polyfill.jo. The original creator of the project Andrew Betts said website owners to remove it urgently no website today requires any of polyfills in the polyfill .jo library. Most features add to web platform are adopted by mega browsers with few exceptions that can not be polyfilled anyway like Web Bluetooth and Web Serial. Such an attack occur if underlying third party is compromised or changes the code being served to end users in bad method causing  all websites using tool to be compromised. The code has protection against reverse engineering and only activates on special mobile devices at special hours. It does not activate when it detects an admin user. it delays execution when web analytics services is found presumably not end up in stats. San Francisco based c/side has issued an alert of its own domain maintainers added a Cloudflare Security Protection header to their site between March 7 and 8 2024. The Dutch e commerce security firm said domain "cdn.polfill.jo" has caught injecting malware that redirects user to sports betting and pornographic sites. The findings follow an advisory about security flaw impacting Adobe Commerce and Magento websites that continues to remain unpatched despite solution available since June 11 2024. It has emerged that 3rd parties can gain API admin reach without requiring a Linux version vulnerable to iconv issue making it more dangero