I know there are quite a few people who read this site but don’t look at the forums, so to save you some time in combing through all the recent posts, I thought I’d highlight a few that were very noteworthy. The first is from Łukasz Pilorz. After doing quite a few tests against the most recent MHTML vulnerability in IE (which turned out to be a problem with the interaction between Outlook Express and the browser), Łukasz found that there is one server-side mitigating factor that makes this attack fail - and it’s something as simple as adding a few linebreaks to your code.
Next, there have been a lot more attacks against MySpace on the forums as of late. I think increased awareness of how high-profile a target it is has been the main impetus, but I’m speculating. Anyway, kuza55 found a rather interesting hole in MySpace using XSS Fragmentation, which is a tricky way of saying he used two benign pieces of code, injected into two different places on the same page, to create a successful attack vector. It’s an interesting read and a terrific proof of concept of why blacklisting is prone to failure.
It’s also an interesting concept because it shows why you cannot look at the injection point alone and make a decision on its level of security. This is where a lot of application security scanners tend to fail - by looking at the singular output of a parameter rather than knowing the system as a whole.
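To make the last two points concrete, here is an added example (my own code, not kuza55’s MySpace proof of concept and not anything from the forum thread). It assumes a constructed page template with two reflection points, a per-parameter blacklist of the kind the post calls prone to failure, and two constructed fragments that are each harmless on their own. A check that looks at one parameter at a time passes both fragments, while a check that parses the whole rendered page sees that the template’s structure has been broken; context-aware output encoding of every value keeps the structure intact without any blacklist at all.

```python
import html
from html.parser import HTMLParser

# Constructed page with two reflection points (an assumption for this
# example, not taken from the MySpace post): a display name and a
# tagline, each rendered into its own <div>.
TEMPLATE = "<div>{name}</div>\n<div>{tagline}</div>"
EXPECTED_TAGS = ["div", "div"]  # the tag structure the template should produce

# A naive per-parameter blacklist of the kind the post calls prone to failure.
BLACKLIST = ("<script", "javascript:", "onerror", "onload")


def passes_blacklist(value: str) -> bool:
    """True if none of the blacklisted substrings occur in one value on its own."""
    lowered = value.lower()
    return not any(bad in lowered for bad in BLACKLIST)


def render_blacklisted(name: str, tagline: str) -> str:
    """Check each parameter in isolation, then reflect both verbatim."""
    if not (passes_blacklist(name) and passes_blacklist(tagline)):
        raise ValueError("rejected by blacklist")
    return TEMPLATE.format(name=name, tagline=tagline)


def render_encoded(name: str, tagline: str) -> str:
    """Context-aware output encoding: escape every value for the HTML body
    context regardless of what it contains (the allow-list alternative)."""
    return TEMPLATE.format(name=html.escape(name, quote=True),
                           tagline=html.escape(tagline, quote=True))


class _TagCollector(HTMLParser):
    """Records the start tags the browser-side parser would see."""

    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)


def rendered_tags(page: str) -> list:
    """Parse the whole rendered page and return its start tags in order."""
    collector = _TagCollector()
    collector.feed(page)
    collector.close()
    return collector.tags


def structure_intact(page: str) -> bool:
    """Whole-page check: does the rendered markup still match the template?
    This is the view a scanner needs; a per-parameter view cannot give it."""
    return rendered_tags(page) == EXPECTED_TAGS


# Constructed fragments: neither trips the blacklist, and neither does
# anything on its own. Together, the first opens an HTML comment that
# swallows the markup between the two reflection points and the second
# closes that comment and adds a (deliberately inert) tag of its own.
FRAG_NAME = "<!--"
FRAG_TAGLINE = "--><b>injected</b>"


def demo() -> dict:
    """Compare the per-parameter view with the whole-page view."""
    weak = render_blacklisted(FRAG_NAME, FRAG_TAGLINE)
    strong = render_encoded(FRAG_NAME, FRAG_TAGLINE)
    return {
        "each_fragment_passes_blacklist": passes_blacklist(FRAG_NAME)
        and passes_blacklist(FRAG_TAGLINE),
        "blacklisted_page_intact": structure_intact(weak),  # False
        "encoded_page_intact": structure_intact(strong),    # True
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The point of `structure_intact` is the one the post makes about scanners: the only way to know whether a parameter is safe is to render the page with everything else in it and compare the result against what the template was supposed to produce. The encoded rendering passes that check for any input, which is why output encoding is the fix rather than a longer blacklist.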