Blogger.com 6th largest source of malware

I found an interesting article about the sources of malware. According to a research group, more than half of the malicious sites available on the internet are hosted in China. More interesting still, Google and Blogger.com together are the 4th biggest source of malware. Ironically enough, Google is the one who reported all the sites examined in the project as malicious.

Here is the whole article.

Security flaw in Internet Explorer

A zero-day vulnerability was found in Internet Explorer and reported to Microsoft. Through the flaw a malicious user is able to hijack cookies and steal credentials. Only Internet Explorer 6 on Windows XP SP2 and SP3 is affected by this security flaw. Secunia rates this a moderately critical issue. Since there is no patch available, IE users are advised to use another browser or upgrade to IE 7.

Here is the full article if you want to read more.

Hacking Web Applications

The internet is growing faster than ever and it probably will not stop growing in the near future. The same thing applies to web applications. Each day there are thousands of new web applications and they are becoming more and more important. More companies rely heavily on them, so it is extremely important to secure them properly. By understanding how to hack them you will understand how to secure them.

As with everything, hacking web applications is about experience and knowledge. That is the reason why I want to show you how and where you can learn about it.

Legal Web Hacking sites
There are several good web sites where you can learn about hacking web sites. I do not want to go into detail since I already listed most of them in the first and second parts of my learning how to hack article.

Learning Web Hacking Through Programs
If you want to learn to hack web applications, I recommend you download WebGoat. WebGoat was created by OWASP. You can download it for free on OWASP’s web site. After downloading it you need to extract the zip file. Then double-click on the webgoat.bat file. This makes your computer more vulnerable, so I recommend that you unplug your network cable so you do not have access to the internet. Afterwards open up a browser, browse to http://localhost/WebGoat/attack and enter “guest” as username and password. You should now see something similar to the picture below. On the left side of the page you can select the different things you want to learn. Clicking “Hints”, at the top of the page, will help you with the challenge when you are stuck.

OWASP's WebGoat
Have fun ;) If you have any questions or you are stuck in a challenge, feel free to contact us.
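
The setup above advises unplugging the network cable because the running WebGoat server makes the machine more vulnerable. As an added example (not part of the original post and not WebGoat code), this Python script parses Windows `netstat -an` output and reports whether the web port is bound to loopback only or is reachable from other machines. Port 80 is assumed from the URL above, and the sample output is constructed.

```python
import re
import subprocess
import sys

# Constructed sample of Windows `netstat -an` output (not captured from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:8080         0.0.0.0:0              LISTENING
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.20:49712     93.184.216.34:443      ESTABLISHED
  TCP    [::]:80                [::]:0                 LISTENING
  TCP    [::1]:5000             [::]:0                 LISTENING
  UDP    0.0.0.0:5353           *:*
"""

LOOPBACK = re.compile(r"^(127\.\d+\.\d+\.\d+|\[::1\])$")

def listeners(netstat_text):
    """Yield (address, port) for every TCP socket in LISTENING state (Windows format)."""
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        addr, _, port = fields[1].rpartition(":")
        if port.isdigit():
            yield addr, int(port)

def exposure(netstat_text, port):
    """Classify how `port` is bound: 'not listening', 'loopback only' or 'exposed'.
    Also returns the sorted list of local addresses the port is bound to."""
    addrs = sorted({a for a, p in listeners(netstat_text) if p == port})
    if not addrs:
        return "not listening", addrs
    if all(LOOPBACK.match(a) for a in addrs):
        return "loopback only", addrs
    return "exposed", addrs

if __name__ == "__main__":
    # With --live, read the real socket table; otherwise use the constructed sample.
    text = (subprocess.run(["netstat", "-an"], capture_output=True, text=True).stdout
            if "--live" in sys.argv else SAMPLE_NETSTAT)
    status, addrs = exposure(text, 80)  # assumption: port 80, implied by the page's URL
    print(f"port 80: {status} {addrs}")
```

A result of "exposed" means the server accepts connections on every interface, which is the situation the advice to disconnect from the network guards against.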