Monday, June 04, 2007

g0t XSSed?

Following previous posts on XSSing The Planet and XSS Vulnerabilities in E-banking Sites, here's a full disclosure project that's basically categorizing user-submitted XSS vulnerabilities by pagerank/government/public entity, with mirrored XSSed pages.

Even a .secured TLD name is nothing more than a false feeling of security with phishers still loading content from E-banking providers' sites, and actively exploiting XSS vulnerabilities to make their scams use the bank's site. Therefore from a business development perspective you ought to realize that overperforming in a developing market segment, is sometimes more profitable than being a pioneer with an idea the market's not willing to anticipate for the time being -- perhaps for the best.

No comments:

Post a Comment