Expert analysis
Circumventing Validation
Web developers spend a lot of time planning out complex chains of events to make thier web applications work. Within the planning and outlines, implicit control over the chain …
Real World XSS
This paper covers most aspects of XSS attacks including: injection points attack scenarios attacker motivations and techniques code obfuscation examples starts laying a …
Current Antivirus Software is Not Enough
The purpose of antivirus protection on a computer is to prevent the entrance of viruses. There is certainly good reason for using such software, as there are a great number of …
The Top 10 Internet Security Screw Ups
With over 10 years experience of defending against Internet Security threats, Tom Salkield, Managing Director of NetConnect, has seen it all. NetConnect, part of Netstore plc, …
Why Bother Virus Scanning?
I have always thought the idea of scanning for viruses to be flawed, well certainly as a security measure. Yet nearly all of you reading this article will be relying on just …
SOAP Web Services Attacks
The World Wide Web is being used increasingly for application-to-application communication, thanks to programmatic interfaces known as web services. In conjunction with …
Worms Of The Future: Trying To Exorcise The Worst
This is a research paper on the security (or lack of) within computer systems and ways of improvement with respect to mobile and hostile code such as worms. This paper should …
Flooding From The Underground – A Global Threat
When Khaled Mardam-Bey developed an IRC client for the Windows platform, I doubt he envisaged mIRC becoming the basis for the control of an immeasurable number of compromised …
Microsoft Releases Security Updates For November
These new security updates address newly discovered issues in Microsoft Windows, including Internet Explorer. Two of the updates are ranked as “Critical” while one …
Attacking the DNS Protocol
DNS is a heavily used protocol on the Internet yet has numerous security considerations. This paper whilst containing nothing new on DNS security brings together in one …
Web Application Hacking: Exposing Your Backend
We used to have simple web sites. The web server sent HTML to the browser which displayed it. This was a “brochureware” site; designed for marketing or …
Nessus Scanning on Windows Domain
This paper is about using Nessus to scan Windows networks and various scenarios one might encounter. It does not talk about running Nessus from a Windows machine but on a …