04 May 2010
Cyber Security Challenge UK encounters slipups
The Cyber Security Challenge UK website will open registration for candidates of its online event this coming fall. The event is aimed at identifying and developing the workforce that will uphold the safety of the online community.
An untoward occurrence was not anticipated
Trouble turns up at the most unexpected times, and this was evident a few days after the activity was opened to participants at InfoSecurity Europe. Dreadful as it may seem, an XSS hole was discovered in the website just after the launch.
Netcraft reported the vulnerability found in the Cyber Security Challenge UK’s website. According to the technical report, an online criminal could take advantage of this hole to inject JavaScript through the title of the site and also the h2 elements. This could be done by attaching the malicious code to the URL of the affected website.
Immediate action is being taken
According to web developer James Wheare, they checked the XSS fault right away after the recent discovery. Upon identifying the cross-site scripting hole, Wheare immediately worked on it by adding some text to the website’s URL, to see whether it would appear on the page.
The website used that text to fill the title or the h2 elements within the page. The developers did not encode the page adequately to prevent attacks that incorporate <script> tags and JavaScript code into the web pages.
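The encoding fault described above, as an added example that is not code from the Cyber Security Challenge UK site: the same URL-supplied text is rendered into the title and h2 without and with HTML encoding, and a parser then counts the script elements that result. The `name` query parameter, the `site.example` URL and the page template are assumptions made for illustration.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qs

# Hypothetical template: the same URL-derived text fills the title and an h2.
TEMPLATE = "<html><head><title>{t}</title></head><body><h2>{t}</h2></body></html>"

def text_from_url(url):
    """Pull the untrusted text out of the URL (assumed: a 'name' query parameter)."""
    return parse_qs(urlsplit(url).query).get("name", [""])[0]

def render_unencoded(url):
    """The flawed pattern: URL text is copied into title and h2 as-is."""
    return TEMPLATE.format(t=text_from_url(url))

def render_encoded(url):
    """The fix: HTML-encode the text so <, >, & and quotes become entities."""
    return TEMPLATE.format(t=escape(text_from_url(url), quote=True))

class Audit(HTMLParser):
    """Counts <script> elements and records the text found inside <h2>."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.scripts, self.in_h2, self.h2_text = 0, False, ""
    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.scripts += 1
        self.in_h2 = self.in_h2 or tag == "h2"
    def handle_endtag(self, tag):
        if tag == "h2":
            self.in_h2 = False
    def handle_data(self, data):
        if self.in_h2:
            self.h2_text += data

def audit(page):
    """Return (number of script elements, text the reader sees inside h2)."""
    parser = Audit()
    parser.feed(page)
    parser.close()
    return parser.scripts, parser.h2_text

# Constructed test input: markup placed in the hypothetical 'name' parameter.
SAMPLE_URL = "https://site.example/?name=Hi%3C%2Ftitle%3E%3Cscript%3Ealert(1)%3C%2Fscript%3E"

if __name__ == "__main__":
    for render in (render_unencoded, render_encoded):
        scripts, h2 = audit(render(SAMPLE_URL))
        print(f"{render.__name__}: script elements={scripts}, h2 text={h2!r}")
```

With encoding applied, the parser finds no script elements and the h2 shows the submitted text literally, which is the behaviour a regression test for this class of bug should assert.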
No more fear of any threats that may emerge
The XSS vulnerability was not actually part of the security challenge, and the developers have already found a remedy for it. The important lesson from this incident is that no one can afford faults in encoding, which leave a website susceptible to attacks via cross-site scripting.
The Office of Cyber Security, a member of the United Kingdom Government, supported the Cyber Security Challenge UK site as a component of the online safety plans. Other sponsors of this event are Dtex Systems, Institute of Information Security Professionals, SANS Institute, and QinetiQ Consulting.