Aviv Raff On .NET

Month of Twitter Bugs

Aviv Raff — Mon, 15 Jun 2009 17:41:25 GMT

Back in July 2006, I had the opportunity to be part of a cool initiative called “Month of Browser Bugs”. This initiative was created by H.D Moore in order to raise the awareness of security...

[[ More information available... ]]

Cross-Web2.0 Scripting

Aviv Raff — Mon, 18 May 2009 22:40:14 GMT

Mikeyy wrote a twitter worm. It’s old news, I know, and by now Twitter seem to fix all the known vulnerabilities on their website. But, let’s say that there are no more XSS/CSRF/etc. vulnerabilities...

[[ More information available... ]]

A La CORE Impact

Aviv Raff — Tue, 14 Apr 2009 20:44:57 GMT

I love CORE Impact’s advisories. Most of them contain a long timeline which most of the time I find very amusing. Usually, whenever I post an advisory the timeline is short, as most of the...

[[ More information available... ]]

A different Opera

Aviv Raff — Thu, 30 Oct 2008 17:47:21 GMT

If you ask any Opera fanboy, he will tell you that Opera is the most secured browser. Well frankly, it really is a good and secure browser, implementing many restrictions that other browsers simply...

[[ More information available... ]]

Sharing is not always a good thing

Aviv Raff — Fri, 10 Oct 2008 13:03:06 GMT

You all learned about the value of sharing. When I was a kid my mother taught me that I should share my stuff with my friends. Unfortunately, sharing is not always a good thing. Especially,...

[[ More information available... ]]

Happy New Year

Aviv Raff — Thu, 02 Oct 2008 06:16:33 GMT

We've just passed the Jewish new year's holiday. Happy new year! It's a custom in this holiday to eat an apple and honey for a sweet new year. Sadly, this year starts with a little bit sour...

[[ More information available... ]]

Software Mule FAQ

Aviv Raff — Fri, 12 Sep 2008 16:51:17 GMT

Q: What is a Software Mule? A "software mule" is a computer program which embedded, and therefore is dependent on, code of many other programs and libraries. Q: Ok, I...

[[ More information available... ]]

Google Mule

Aviv Raff — Wed, 03 Sep 2008 19:24:45 GMT

In real life, when you take two species, a horse and a donkey, and mix them up you get a mule. In the browsers world, when you take a horse (Firefox/IE) and a donkey (Safari) and mix them up, you get...

[[ More information available... ]]

Security "best" practices

Aviv Raff — Mon, 18 Aug 2008 21:19:57 GMT

Do you think that just following security best practices will keep you and your users safe? Think again. Recently, I've found 2 examples where following security best practices can...

[[ More information available... ]]

iPhone is Phishable and SPAMable

Aviv Raff — Wed, 23 Jul 2008 18:34:37 GMT

Summary The iPhone's Mail and Safari applications are prone to a URL Spoofing vulnerability, which may allow attackers to conduct phishing attacks against iPhone users. By creating a specially...

[[ More information available... ]]