ZeroBin XSS Vulnerability Patched in 0.19

Sébastien Sauvage has just informed me that he has released Version 0.19 to address the Cross-Site Scripting vulnerability that I wrote about in my previous blog post. You can find it at https://github.com/sebsauvage/ZeroBin/releases/0.19. Websites that host the ZeroBin software should update to this latest version. Although the more modern browsers may mitigate …

ZeroBin as an XSS Attack Platform

What if you could have hundreds of websites from which to launch an encrypted cross-site-scripting attack? What if the webservers could store the XSS attack code for you but could not decrypt it? What if the encrypted code could be set to expire after a set time or immediately after …

Goodbye Oz Data Centa

All good things must come to an end. The Oz Data Centa (ozdc.net) was a very useful tool for monitoring PasteBin, and I for one will miss it. The site was run by Lee Johnstone and had an innovative method of cataloging data breaches that were dumped to PasteBin. Read the …

Looking in Pastebin at the Hacktivism Carnage

The Web and Twitter are full of news about all of the Israeli websites that have been breached or defaced by internet hackers. Occasionally these articles will include a hyperlink to Pastebin.com, such as the “Anonymous declares ‘cyberwar’ on Israel” story on CNN.com that references a pastebin.com link with more …
