There's a new sign-in seal on the Yahoo! login page, which is intended to make phishing attacks more unlikely.
A sign-in seal is a secret message or photo that Yahoo! will display on this computer only. Look for it every time you sign in to make sure you're on a genuine Yahoo! site. If the message, […]
![Add '[WebAppSec] Sign-in seals against phishing' to Del.icio.us](http://www.rorsecurity.info/wp-content/plugins/social-bookmarking-reloaded/delicious.png "Add '[WebAppSec] Sign-in seals against phishing' to Del.icio.us")
![Add '[WebAppSec] Sign-in seals against phishing' to digg](http://www.rorsecurity.info/wp-content/plugins/social-bookmarking-reloaded/digg.png "Add '[WebAppSec] Sign-in seals against phishing' to digg")
![Add '[WebAppSec] Sign-in seals against phishing' to Technorati](http://www.rorsecurity.info/wp-content/plugins/social-bookmarking-reloaded/technorati.png "Add '[WebAppSec] Sign-in seals against phishing' to Technorati")
![Add '[WebAppSec] Sign-in seals against phishing' to Stumble Upon](http://www.rorsecurity.info/wp-content/plugins/social-bookmarking-reloaded/stumbleupon.png "Add '[WebAppSec] Sign-in seals against phishing' to Stumble Upon")
Tags: WebAppSec
These days the intranet is coming back. I heard it a couple of times: Our intranet is safe, there's an authentication system and it can be accessed by hosts from our local IP range only, but no, there are no further security measures. If someone manages to get in, he will be able to do […]
Tags: Rails · XSS and Rails
