2012
2011
Google+ Gets a “+1″ for Browser Security
Set-Cookie Secure, Set-Cookie HttpOnly, X-Content-Type-Options, X-Frame-Options, X-XSS-Protection
2010
The Real Lessons Of Gawker’s Security Mess
Making unnecessary statements of bravado, statements potentially divorced from reality, changes the equation for an attacker, it suddenly makes compromising your environment worth more of his or her time.
Google Online Security Blog: Do Know Evil: web application vulnerabilities
Web Application Exploits and Defenses
TabNabbing: Phishing By Switching Background Tab Content
A New Type of Phishing Attack
Plugging the CSS History Leak at Mozilla Security Blog
We're really excited about this fix, we hope other browsers will follow suit. It's a tough problem to fix, though, so I'd like to describe how we ended up with this approach.
Can Apple Safari avoid another Pwn2Own embarrassment?
List of remote code execution flaws fixed with the new Safari 4.0.5
iPhone OS and Mac OS X Stack Buffer Overflow
Solution: iPhone OS: Upgrade to iPhone OS 3.1.3
Operation Aurora
Operation Aurora was a cyber attack conducted in mid-December 2009 and continuing into early January 2010.
Tous coupables ? Hadopi menace les réseaux Wi-Fi
WiFi présumé coupable. Hadopi est une loi inapplicable, coûteuse, et qui crée des injustices.
2009
Securing a Domain: SSL vs. DNSSEC
There has been quite a bit of talk lately about the best way to secure a domain, mainly centered in two camps: using Secure Socket Layer (SSL), or using DNS Security Extensions (DNSSEC). The answer is quite simple—you should use both.
