Topic: man in the middle attacks

Beware the cookie injection

Man-in-the-middle attacks are nothing new. But when that man-in-the-middle attack includes cookie injections, things get messy. Security researcher Xiaofeng Zheng published a PDF describing the methods used to make such an attack work in August. In the PDF, Zheng detailed the lack of security around cookies. “The same-origin policy is a corner stone of Web … continue reading

NativeScript public beta, Adobe’s approach to flaw detection, and Django REST framework 3.1—SD Times news digest: March 6, 2015

It has been almost a year since Telerik announced its cross-platform framework for Android, iOS, and Windows. Today, that NativeScript framework is finally making it into public beta. Valentin Stoychev, product line manager at Telerik, announced that developers can start using the framework to build native mobile apps with CSS and JavaScript. “We have been … continue reading Protection Status