Expert analysis
Know Your Enemy: Behind the Scenes of Malicious Web Servers
In our recent KYE paper on malicious web servers, we identified several hundred malicious web servers. These servers launched, so-called drive by downloads, that allowed them …
PCI DSS Compliance: A Difficult But Necessary Journey
The need to comply with the Payment Card Industry Data Security Standard (PCI DSS) has been a rude wake up call for thousands of companies who believed their networks are …
Interview with Janne Uusilehto, Head of Nokia Product Security
Janne is Head of Nokia Product Security, responsible for product security development at the world’s number 1 mobile device manufacturer. He is a member of several Nokia …
Block Data Leakage at the Source
Computer networks today have become increasingly open, with greater reliance on IP. More and more staff are accessing a greater number of applications and databases, while …
Theft and Snooping Alarm for Your MacBook
iAlertU is a simple utility that turns your MacBook into a motion sensitive remote controlled alarm system. I cannot think a lot of useful ways of using the software, but the …
A Security Focus on China Outsourcing
Business process outsourcing (BPO), such credit card transactions, medical claims data entry and financial transactions, has been around for a number of years. The act of …
High-Level Reverse Engineering
This paper aims to present a methodical framework for high-level reverse engineering. The methodology is a culmination of existing tools and techniques within the IT security …
Removable Devices: The Menace Within
Handheld USB devices have been a godsend to anyone who wants to take information from one PC to another, but their ease of use also has created a new type of security headache …
The Federal Bureau of Investigation – Capabilities and Service
The Federal Bureau of Investigation (FBI) is an elite law enforcement organization. This article provides an overview of FBI teams, InfraGard and the FBI Citizens’ …
Guide to Online Antivirus Solutions Part 8: CA Online Virus Scanner
Internet connections are getting faster every day, so online antivirus solutions transformed from proof of concepts into actual quality security services. Lately I have been …
Attacking the Build through Cross-Build Injection
A poorly designed software build process can allow an attacker to insert malicious code into the final product or to take control of a build machine. This paper surveys …
Mac Security Freeware: Password Manager, Screen Locker and MD5 Checksum Checker
In a series of articles on Mac security freeware I will be covering a number of newly released security tools for Mac OS X. This time I am taking a look at KeyMaster 1.0.1 …