Network World

How to protect against cross-site request forgery attacks

Cross-site request forgery (CSRF) attacks are becoming a more common attack method used by hackers. These attacks take advantage of the trust a website has for a user’s input and browser. The victim ...
https//fedtechmagazine.com

What Is a Cross-Site Scripting (XSS) Attack & Are You Prepared?

Adam Stone writes on technology trends from Annapolis, Md., with a focus on government IT, military and first-responder technologies. The Department of Homeland Security has warned federal agencies ...
Ars Technica

Serious cross-site request forgery vulnerability found in Gmail

Security researcher Petko Petkov has revealed a cross-site request forgery vulnerability in Gmail that makes it possible for a malicious web site to surreptitiously add a filter to a user's Gmail ...
Pro-Linux

Sicherheit: Cross-Site Request Forgery in Django

the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7 - noarch python-django-1.6.11-6.el7ost.noarch.rpm ...
ZDNet

Critical CSRF vulnerability found on Glassdoor company review platform

Glassdoor, a website for job hunting and posting anonymous company reviews, has resolved a critical issue that could be exploited to take over accounts. Bug bounty researcher "Tabahi" (ta8ahi) found ...
Threat Post

Two Bugs in WordPress Tooltipy Plugin Patched

The bugs include a reflected cross-site scripting glitch and a cross-site request forgery vulnerability. WordPress has issued fixes for two bugs rated “medium” in its tooltips plugin, including one ...