Expert analysis
OWASP Guide to Building Secure Web Applications version 1.1
The Guide covers various web application security topics from architecture to preventing attack specifics like cross site scripting, cookie poisoning and SQL injection. The …
Interview with Marcel Gagne, President of Salmar Consulting, Inc.
Marcel Gagné is President of Salmar Consulting, Inc., a company that specializes in UNIX/Linux systems and network integration. Over the years, as a systems and network …
Security Online
When a computer connects to a network in an office for example, a world of working possibilities opens up to employees: sharing documents, messaging, instant access to data in …
Security Patches for 602Pro LAN SUITE 2002, Squirrel Mail 1.2.7 and BRU Workstation 17.0
Some of the vulnerabilities we add to our list don’t have vendor replies inside them. These are some of the patches released after the vulnerability was disclosed to the …
Interview with Michael Schwarz, Co-Author of “Multitool Linux”
Michael Schwarz has worked as a UNIX system programmer for more than fifteen years and as a Linux programmer since its emergence. He started the SASi open source project, and …
Interview with Jeremy Anderson, Co-Author of “Multitool Linux”
Jeremy Anderson teaches UNIX classes at Hennepin Technical College. He has expertise in UNIX, Linux, Perl, C/C++, and Java programming. Jeremy is also one of the authors of …
Interview with Steven Murphy, Co-Author of “Multitool Linux”
Who is Steven Murphy? I am a systems analyst principal working on the electronic commerce team for HealthPartners in Minnesota. I enjoy a simple life relaxing in my hot tub in …
The Trivial Cisco IP Phones Compromise
The following paper lists several severe vulnerabilities with Cisco systems’ SIP-based IP Phone 7960 and its supporting environment. These vulnerabilities lead to …
America’s National Cybersecurity Strategy: Same Stuff, Different Administration
Today the White House releases its long-awaited “National Strategy To Secure Cyberspace.” This high-level blueprint document (black/white or color), in-development …
HNS Coverage from RSA Conference 2002 Europe
Here are the news from the conference as they are released: Scope on Attix5 secure backuping software Bridicum receives 4.2 million Euros investment How the press spreads FUD …
NetBSD Releases a Batch of Security Advisories
With the release of NetBSD 1.6, the NetBSD project published a batch of Security Advisories (some of which are updates). * 2002-006 buffer overrun in libc/libresolv DNS …
Cross-Site Scripting Vulnerabilities
Have you ever mistyped the address of a web site and received a message like “Error – page name could not be found” or “The page you requested: page …
Featured news
Resources
Don't miss
- Data-stealing VS Code extensions removed from official Marketplace
- Flawed WordPress theme may allow admin account takeover on 22,000+ sites (CVE-2025-4322)
- What good threat intelligence looks like in practice
- AutoPatchBench: Meta’s new way to test AI bug fixing tools
- Third-party cyber risks and what you can do