Expert analysis
Social Engineering: Threats and Countermeasures
Over the years much has been written about how users are the weakest link in security, and there are surely not many people who would disagree. Despite this, companies often …
Web 2.0 Security
Web 2.0 is an umbrella term coined to include technologies used for providing user-centric web based services. Here, the services are architected and programmed so that they …
Cross Site Printing: Printer Spamming
Many network printers listen on port 9100 for a print job (RAW Printing or Direct IP printing). You can telnet directly to the printer port and enter text. Once you disconnect …
WiFi Epidemiology: Can Your Neighbors’ Router Make Yours Sick?
In densely populated urban areas WiFi routers form a tightly interconnected proximity network that can be exploited as a substrate for the spreading of malware able to launch …
Dissecting and Digging Application Source Code for Vulnerabilities
Application source code scanning for vulnerability detection is an interesting challenge and relatively complex problem as well. There are several security issues which are …
Key Management for Enterprise Data Encryption
Data encryption and key management in the real world Best practices dictate that we must protect sensitive data at the point of capture, as it’s transferred over the …
phpBB hacks: password security, anti robot login and a full board security system
phpBB uses its own authorisation/session handling, database abstraction layer and template systems, so there are numerous guides on how to use them to create your own …
Security Predictions for 2008
Saumil Shah is the founder and CEO of Net-Square. In this video, made at Black Hat, he presents an overview on what we can expect in 2008. Saumil bases his assessment on seven …
Security Extensions for Your Joomla! Installation
Joomla! is a free, open source Content Management System that allows you to build websites and other online applications. Because it’s easy to install and simple to …
On the Security of E-Passports
The global introduction of electronic passports is a large coordinated attempt to increase passport security. Issuing countries can use the technology to combat passport …
WordPress Security Plugins
WordPress is a powerful publishing platform that is easy to use and offers anyone the possibility to start a blog in no time. Because of its versatility and a large quantity …
The Case for Automated Log Management in Meeting HIPAA Compliance
The Impact of HIPAA The Health Insurance Portability Accountability Act, better known as HIPAA, was passed in 1996 by the US Department of Health and Human Standards (HHS) to …