A week in security (September 4 – September 10)

Last week, we looked into expired domain names being used for malvertising, delved into dubious Facebook apps, and checked out Chinese seminar scams. We also explained the whys and wherefores of false positives, explained what Google is doing with HTTPs, warned you away from a fake DHS email, and...

Zynga Open URL Redirect

\ \ \ \ \ | / \ \ \ / /\ / /\ \ / / |/ /| | / / \ / / / | | /\ / \ / / /| Author: r007k17-w a.k.a Raghavendra Karthik.D Email: [email protected] My blog: http://shadowrootkit.wordpress.com/ Google Dork: Copyright 2010 Zynga Game Network Inc...

Zynga Cafeworld Cross Site Scripting

\ \ \ \ \ | / \ \ \ / /\ / /\ \ / / |/ /| | / / \ / / / | | /\ / \ / / /| alert"r007k17-w" SUG: HTML encoding, escaping special characters,Input sanitization...

Zynga Vampiresgame Cross Site Scripting

\ \ \ \ \ | / \ \ \ / /\ / /\ \ / / |/ /| | / / \ / / / | | /\ / \ / / /| Author: r007k17-w a.k.a Raghavendra Karthik.D Email: [email protected] My blog: http://shadowrootkit.wordpress.com/ Google Dork: Copyright 2010 Zynga Game Network Inc...

Zynga Petville Cross Site Scripting

\ \ \ \ \ | / \ \ \ / /\ / /\ \ / / |/ /| | / / \ / / / | | /\ / \ / / /| SUG: HTML encoding, escaping special characters,Input sanitization...