Ever wondered why Cross Site Scripting (XSS) is said to be such a bad thing? Who on Earth clicks on links that are 8 inches long, contain funny characters en masse and still enters valid log-in data? Our little demo shows that XSS can be hidden everywhere and it makes your password an easy prey. [...]
Password stealing for dummies
September 1st, 2007 · Comments Off
Microsoft launches Forefront, System Center
May 4th, 2007 · Comments Off
In a move to expand its security and management product lines, Microsoft announced Wednesday the release of its Forefront Client Security and System Center Essentials 2007.
The color of information security
May 4th, 2007 · Comments Off
If information security were a colour, it most definitely would be gray. Like life in general, information security is rarely black and white. As an information security consultant, most questions asked of me and my colleagues are answered in the same way: It depends. That is precisely what is frustrating for many people when they [...]
Rootkits: The next big enterprise threat?
May 1st, 2007 · Comments Off
Late at night, a system administrator performed a routine check of a crashed server, one of 48 systems comprising a major online infrastructure that generated about $4 million per month in revenue. He was a bit surprised that the system had gone down, as it had been humming for months without any indication of being [...]
NIST Completes RFID Security Guidelines
May 1st, 2007 · Comments Off
The National Institute of Standards and Technology (NIST), a non-regulatory agency of the U.S. Department of Commerce (DOC), released this week its guidelines describing the various risks to data security and personal privacy that RFID deployments may pose, while also providing best practices and procedures, based on existing technology and regulations, to mitigate those risks. [...]
Encryption Made Easy: The Advantages of Identity Based Encryption
May 1st, 2007 · Comments Off
Enterprises are becoming increasingly interested in easy-to-use email encryption, as a wide variety of privacy and data protection regulations now apply to small, medium and large organizations across a wide variety of industries. Effective, secure messaging technologies keep sensitive information private, prevent anyone from tampering with the contents of messages and authenticate the identity of [...]
5 Tips for securing personal information at work
May 1st, 2007 · Comments Off
There is always a worry in the work setting that personal information is not secure. Personal information includes any information that expresses facts or judgments about individuals. This information can include names, birthdays, occupation, title, credit card numbers, social security numbers, and other information that is individually assigned. If you worry about securing personal information [...]
Simple defence against Google hacking
April 27th, 2007 · Comments Off
Hackers may be able to use Google’s search tools to unearth sensitive company data, but two IT professionals say basic security hygiene would prevent that data from going public in the first place. "If you have company secrets, you have to take steps to make sure it doesn’t get into the public domain," said Daniel [...]
Are Data Leaks Bleeding Your Company Dry?
April 27th, 2007 · Comments Off
Businesses are starting to respond to the rising threat levels posed by data leakage from pocket-sized storage devices. The push to react is not coming from the fear of lost data as much as it is fear of losing money. Negative publicity became a primary driver last year in influencing corporations to address data leakage [...]
Top 10 Most Famous Hackers of All Time
April 27th, 2007 · Comments Off
The portrayal of hackers in the media has ranged from the high-tech super-spy, as in Mission Impossible where Ethan Hunt repels from the ceiling to hack the CIA computer system and steal the “NOC list,” to the lonely anti-social teen who is simply looking for entertainment.