Please turn on your JavaScript for this page to function normally.
Types of Web-Based Client-Side Attacks

While my research is primarily concerned with drive-by-download attacks, I thought I try to summarize other web-based client-side attacks that are out there, many of which are …

SOX, Lies and Security Matters

When it comes to compliance, it’s fairly easy to find out what companies need to do to achieve it. But it’s much harder for companies to find out how they should …

Discovery and Fuzzing for SQL injections with Web 2.0 Applications

Web 2.0 application assessment is becoming increasingly challenging due to their behavior and implementation of the components. It is imperative to identify hidden Web 2.0 …

Rootkit Evolution

I saw my first rootkit in 2004, when I was still a rookie virus analyst. At that point I had some vague knowledge of UNIX-based rootkits. One day I stumbled on an executable …

Application Security Matters: Deploying Enterprise Software Securely

One of the most interesting aspects of being an information security consultant is the exposure to an enormous variety of industries and organizations. From health care to …

Security Risks for Mobile Computing on Public WLANs: Hotspot Registration

Wireless broadband internet access via hotspots is convenient for both the casual surfer and the internet-dependent teleworker. Unfortunately, current security technologies …

Reverse Engineering: Smashing the Signature

Many antivirus and antispyware solutions identify malicious programs by looking for known unique signatures contained inside them. Those signatures are stored inside a …

Internet Terrorist: Does Such A Thing Really Exist?

Recently, I have experienced an increase in organizations questioning how real is the threat of Internet terrorism and what they can do to protect themselves. As a former …

Reputation Attacks: A Little Known Internet Threat

Reputation attacks target both individuals and companies, and their goal is to ruin the victim’s reputation. While attack techniques are varied, the consequences are …

DTrace: The Reverse Engineer’s Unexpected Swiss Army Knife

Disclaimer: David Weston is no longer an employee of SAIC and his statements do not reflect the views of or an endorsement by the company. In this video, made at Black Hat …

How B2B Gateways Affect Corporate Information Security

B2B gateways were introduced in 2003, marking the first time IT professionals could deploy best-of-breed managed file transfer tools without sacrificing their larger …

Q&A: Views on Privacy and Identity Theft

Jonathan Moneymaker is VP of Operations at Anonymizer. He is a certified Project Management Professional and also holds a BS in Systems Engineering from the University of …

Don't miss

Cybersecurity news