Expert analysis
A Note on Proactive Password Checking
Nowadays, proactive password checking algorithms are based on the philosophy of the dictionary attack, and they often fail to prevent some weak passwords with low entropy. In …
OWASP Guide to Building Secure Web Applications version 1.1
The Guide covers various web application security topics from architecture to preventing attack specifics like cross site scripting, cookie poisoning and SQL injection. The …
Interview with Marcel Gagne, President of Salmar Consulting, Inc.
Marcel Gagné is President of Salmar Consulting, Inc., a company that specializes in UNIX/Linux systems and network integration. Over the years, as a systems and network …
Security Online
When a computer connects to a network in an office for example, a world of working possibilities opens up to employees: sharing documents, messaging, instant access to data in …
Security Patches for 602Pro LAN SUITE 2002, Squirrel Mail 1.2.7 and BRU Workstation 17.0
Some of the vulnerabilities we add to our list don’t have vendor replies inside them. These are some of the patches released after the vulnerability was disclosed to the …
Interview with Michael Schwarz, Co-Author of “Multitool Linux”
Michael Schwarz has worked as a UNIX system programmer for more than fifteen years and as a Linux programmer since its emergence. He started the SASi open source project, and …
Interview with Jeremy Anderson, Co-Author of “Multitool Linux”
Jeremy Anderson teaches UNIX classes at Hennepin Technical College. He has expertise in UNIX, Linux, Perl, C/C++, and Java programming. Jeremy is also one of the authors of …
Interview with Steven Murphy, Co-Author of “Multitool Linux”
Who is Steven Murphy? I am a systems analyst principal working on the electronic commerce team for HealthPartners in Minnesota. I enjoy a simple life relaxing in my hot tub in …
The Trivial Cisco IP Phones Compromise
The following paper lists several severe vulnerabilities with Cisco Systems’ SIP-based IP Phone 7960 and its supporting environment. These vulnerabilities lead to …
America’s National Cybersecurity Strategy: Same Stuff, Different Administration
Today the White House releases its long-awaited “National Strategy To Secure Cyberspace.” This high-level blueprint document (black/white or color), in-development …
HNS Coverage from RSA Conference 2002 Europe
Here is the news from the conference as it is released: Scope on Attix5 secure backuping software; Bridicum receives 4.2 million Euros investment; How the press spreads FUD …
NetBSD Releases a Batch of Security Advisories
With the release of NetBSD 1.6, the NetBSD project published a batch of Security Advisories (some of which are updates). * 2002-006 buffer overrun in libc/libresolv DNS …