Reporting Status of Vulnerability-related Information about Software Products and Websites - 4th Quarter ofOctober – December) - Information-technology Promotion Agency, Japan (IPA) and Japan Computer Emergency

Source URL: www.ipa.go.jp

• Computer security
• Cyberwarfare
• Computing
• Hacking
• Computer network security
• Software testing
• Vulnerability
• CERT Coordination Center
• SQL injection
• Cross-site scripting
• CVSS
• Benjamin Kunz Mejri

Hacking Blind Andrea Bittau, Adam Belay, Ali Mashtizadeh, David Mazi`eres, Dan Boneh Stanford University Abstract—We show that it is possible to write remote stack buffer overflow exploits without possessing a copy of

Source URL: www.scs.stanford.edu

• Computing
• Software bugs
• Software engineering
• Blind return oriented programming
• Computer errors
• Return-oriented programming
• Stack buffer overflow
• Return-to-libc attack
• Address space layout randomization
• Buffer overflow
• Shellcode
• Stack

Subject: Request to Attend Trail of Bits Training Dear [DECISION MAKER], I would like to request approval to attend a Trail of Bits training course, taking place from [DATES] in [CITY]. The program offers comprehensive,

Source URL: www.trailofbits.com

• Cyberwarfare
• Computer security
• Security
• Computer network security
• Software testing
• Hacking
• Cryptography
• Secure communication
• Vulnerability

Cognitive Hacking and Digital Government: Digital Identity Paul Thompson Institute for Security Technology Studies Thayer School of Engineering, Dartmouth College Hanover, New Hampshire 03755, U.S.A.

Source URL: www.ists.dartmouth.edu

Server-Side Template Injection: RCE for the modern webapp James Kettle - - @albinowax Abstract Template engines are widely used by web applications to present dynamic data via web pages and e

Source URL: www.blackhat.com

• Computing
• Software
• Template engines
• Scripting languages
• SQL
• Java enterprise platform
• Cross-site scripting
• Hacking
• Web template system
• FreeMarker
• Apache Velocity
• SQL injection

I2C Hacking Demystified ELC 2016 Igor Stoppa Overview •Typical applications

Source URL: events.linuxfoundation.org

PathCutter: Severing the Self-Propagation Path of XSS JavaScript Worms in Social Web Networks Yinzhi Cao§ , Vinod Yegneswaran† , Phillip Porras† , and Yan Chen§ , {vinod, porras}@csl

Source URL: www.cs.northwestern.edu

• Computing
• Computer security
• World Wide Web
• Hacking
• Computer worms
• Functional languages
• Web programming
• Cross-site scripting
• XSS worm
• Hypertext Transfer Protocol
• Cross-site request forgery
• JavaScript

Revisiting XSS Sanitization Ashar Javed Chair for Network and Data Security Horst G¨ ortz Institute for IT-Security, Ruhr-University Bochum

Source URL: www.blackhat.com

• Software
• Computing
• Hacking
• Cross-site scripting
• Froala Editor
• HTML editor
• TinyMCE
• Online rich-text editor
• WYSIWYG
• CKEditor
• JavaScript
• Content Security Policy

Web Penetration and Hacking Tools David Epler Security Architect

Source URL: www.ncdevcon.com

WebAppSec WG Update TPAC 2015 Brad Hill Scope Expansion •

Source URL: www.w3.org

• Software
• Computing
• Hacking
• URI schemes
• Content Security Policy
• Hypertext Transfer Protocol
• Transport Layer Security
• HTTP referer
• Clickjacking
• Google Chrome
• Firefox
• HTTPS