Below is a collection of resources that I've gathered that I've decided to stick in one central location. If I'm missing a link please let me know by filling out our Contact Form.
Articles
Vulnerability Scanning Web 2.0 Client-Side Components
08/08/06 Microsoft Team RSS Blog discusses more RSS Risks
Feed Injection In Web 2.0: Hacking RSS and Atom Feed Implementations, Robert Auger 2006
RSS Security, FeedForAll 2005
RSS Security, Greg Reinacker 2005
RSS security issues and useful reading, 2004
Private RSS Feeds: Support for security in aggregators, 2003
How to consume RSS safely
Slightly more secure RSS-to-local-HTML
RSS Security, September 23, 2005
News Articles:
Web 2.0 Means Re-examining IT Security Approach (08/07)
02/21/07 Read RSS, get hacked
Blogs could spread malicious code as they spread news
09/11/2006 More RSS Security Issues Discovered
09/08/2006 RSS Security Issues Discovered in ICQ
Blog Feeds Vulnerable To Embedded Malware
RSS, Atom feeds ripe for attack
RSS For Hackers?
RSS offers opportunities, risks
Blog feeds may carry security risk
French Window: Secure RSS
RSS: The next malware target?, 2006
Do RSS feeds come equipped with security risks?
RSS malware plague predicted for 2006
Microsoft ready to discuss RSS Security
Secure RSS Courts Enterprise Adoption, 2005
Security: The Missing Ingredient in Buzz About RSS
Sharon Housely on RSS Security
Forum Posts and Other Random Links:
Zero Day Subscriptions: Using RSS and Atom Feeds As Attack Delivery Systems (Power Point)
Taking RSS security seriously
Secure RSS, 2003
.NET Buzz Forum Secure RSS
RSS: Really Simple Syndication, Microsoft
RSS Security: Password Protection
Secure RSS Feeds?
RSS Security, cote's Drunk and Retired
RSS Security, S. Housley
RSS Security, MillionPostsBlog
RSS Documentation & Other
Zero Day Subscriptions: Using RSS and Atom feeds As Attack Delivery Systems
What is RSS?, XML.com
Wikipedia RSS Entry
RSS 2.0 Specification
RSS Newsgroups
comp.text.xml
microsoft.public.xml
microsoft.public.dotnet.framework.aspnet
netscape.public.mozilla.xml
