http://blog.phishme.com/2007/09/csrf-is-not-xss/ Internet Security Professionals comment on innovative phishing ploys, social engineering techniques, and the latest hacks. Bashing or bowing to the latest and greatest news in the security community. Keep up to speed with what phishers, hackers, and spammers are doing or just listen in on the latest geek rants. PhishMe is your one stop blog for the latest in anti-phishing and security news. Wed, 25 Aug 2010 07:51:26 +0000 http://wordpress.org/?v=2.9.2 hourly 1 http://blog.phishme.com/2007/09/csrf-is-not-xss/comment-page-1/#comment-60 PhishMe » Myth Buster II: We’ve Never Been Hacked Wed, 31 Oct 2007 21:16:07 +0000 http://blog.phishme.com/2007/09/csrf-is-not-xss/#comment-60 [...] about Session Riding attacks? In these cases, we have a legitimately logged in user, coming from their normal IP address [...] [...] about Session Riding attacks? In these cases, we have a legitimately logged in user, coming from their normal IP address [...]

]]> http://blog.phishme.com/2007/09/csrf-is-not-xss/comment-page-1/#comment-59 PhishMe » Myth Buster I: Input Validation is a Panacea Mon, 29 Oct 2007 15:14:44 +0000 http://blog.phishme.com/2007/09/csrf-is-not-xss/#comment-59 [...] Benninger explained the difference between the often confused XSS and XSRF in a previous blog post. The root cause of XSRF is the predicability of key HTTP requests that result in transactions with [...] [...] Benninger explained the difference between the often confused XSS and XSRF in a previous blog post. The root cause of XSRF is the predicability of key HTTP requests that result in transactions with [...]

]]>