Companies that have used Asynchronous JavaScript and XML to jazz up corporate Web sites may be dangerously vulnerable to a variety of Web-based threats, warned researchers at the Black Hat USA conference in Las Vegas this month. Billy Hoffman of SPI Dynamics said at the conference that many corporate Web developers are not paying attention to fundamental Ajax security issues.
Full story »