Hackers Reveal Vulnerable Websites

Hackers on a popular hacking message board have begun posting cross site scripting (XSS) vulnerabilities they've found on public Websites, including those of Dell, HP, MySpace, and Photobucket, as well as security companies F5 and Acunetix.

"I think they're just looking on Website after Website and finding holes and posting to the message board," says Jeremiah Grossman, CTO for White Hat Security, who has been watching a heavy volume of XSS vulnerability posts on the "Sla.ckers" message board in the past few days. Grossman says it's unusual to see such a volume of vulnerabilities posted so publicly, plus these are "real, live Websites," he notes. Dark Reading - Desktop Security - Hackers Reveal Vulnerable Websites - Security News Analysis

Linked by shanmuga Friday, 22nd September 2006 1:27AM