Expert analysis
Q&A: Passwords
Dmitry Sklyarov is an IT security analyst at Elcomsoft. In this interview he discusses strong and insecure passwords, the compromise between usability and security as well as …
Q&A: Wireshark
Gerald Combs works with the developers of WinPcap at CACE Technologies as the Director of Open Source Projects, and is the lead developer of Wireshark. In this interview, he …
Best practices for DNS security
Securing the DNS must be a priority because it is so central to the proper functioning of every IP network. Employing the best possible protections for the DNS will pay huge …
Spam evolution: September 2009
Spam in email traffic: The amount of spam detected in email traffic averaged 86.3% in September 2009. A low of 83.3% was recorded on 18 September with a peak value of 91.3% …
Looking back at 2009 through SQL injection goggles
The earliest public mention I could find of SQL injection (“piggybacking SQL statements” as the author put it) was from someone who called himself Rain Forest …
Q&A: Web application security
Robert Abela is a Technical Manager at Acunetix and in this interview he discusses Web application attack vectors, the impact of Cross-Site Scripting, future threats and …
Q&A: Ubuntu 9.10 security
Kees Cook is the security engineer and Gerry Carr is the head of platform marketing at Canonical. In this interview they discuss the security improvements in Ubuntu 9.10, the …
Ask the social engineer: Practice
One reader wrote in asking: “How can one practice social engineering before using it in the wild?” Answering is Chris “loganWHD” Hadnagy, the lead …
Embracing tokenization: Payment without pain
Today, it’s expected that merchants accept electronic payments. It’s more than expected that those payments are secure. No data leaks or breaches of any kind. The …
Q&A: Hard drive encryption
Dave Anderson is Director, Strategic Planning for Seagate and is involved in developing the opportunities for hard drives to contribute to system security. In this interview …
5 handy WordPress security plug-ins
WordPress is one of today’s most popular publishing platforms. Like any other system, it needs security. What follows is a list of 5 practical plug-ins that extend its …
A closer look at Acunetix Web Vulnerability Scanner 6.5
Web applications are accessible 24 hours a day, 7 days a week and control valuable data since they often have direct access to backend data such as customer databases. SSL and …