Many of my readers will know, that example.com, example.net and example.org are reserved for use in documentation, according to RFC 2606. If you surf to any of these sites, there will be just the same information I wrote before and also a link to the RFC 2606. So it’s quiet interesting, why according to my [...]

It’s much later than I wanted to post this but finally here is my demonstration I’ve done for the Security-Zone 2008. Because there are so much resources about XSS and SQL Injections out there already, this posting is just about the hidden phishing method. How it works: Attacker needs a XSS vulnerability at example.com Configuration [...]

The Security-Zone is as far as I know, the most important and biggest security event in Switzerland and like last year I was there to present some stuff. Also like the last time, I wasn’t alone, there where Pascal Mittner from Astalavista IT Engineering and Pascal C. Kocher from Defcon Switzerland (I’ll write something about [...]