The Last HITB Security Conference in Malaysia

Hands-on Technical Trainings - 13th & 14th October

http://conference.hitb.org/hitbsecconf2014kul/#tile_schedule

Triple-Track Conference - 15th & 16th October

http://conference.hitb.org/hitbsecconf2014kul/conference-speakers/

 

Capture the Flag - 15th & 16th October

http://conference.hitb.org/hitbsecconf2014kul/capture-the-flag/

HackWEEKDAY - 15th & 16th October

http://conference.hitb.org/hitbsecconf2014kul/hackweekday/

CommSec Village - 15th & 16th October

http://conference.hitb.org/hitbsecconf2014kul/commsec-village/

REGISTER ONLINE NOW

Website 'spoofing' still fools users, security study reveals

http://zapt0.staticworld.net/images/article/2013/05/security-100036201-large.jpg

 A close look at vulnerabilities in about 15,000 websites found 86 percent have at least one serious hole that hackers could exploit, and content spoofing is the most prevalent vulnerability, identified in over half of the sites, according to WhiteHat Security's annual study published last week.

Content spoofing is a way to get a website to display content from the attacker, says Jeremiah Grossman, CTO at WhiteHat, an IT security vendor. A criminal might do this to steal sensitive customer information or simply to embarrass the owners of a website. In any event, in content spoofing, the fake content is not actually on the website as it would be in a web defacement, but simply appears to be there, Grossman points out. (A variation is email spoofing, which makes an email message appear to come from a trusted correspondent; it often includes a link that sends the reader to a malicious site.)

Tags: