Archive

Archive for February, 2007

Firefox cookie-stealing vulnerability

February 15th, 2007
Comments Off on Firefox cookie-stealing vulnerability

A new zero-day vulnerability in Mozilla Firefox allows malicious web sites to forge authentication cookies for certain web sites.
Read more…

News

Targeted cyber attacks

February 14th, 2007
Comments Off on Targeted cyber attacks

Cyber attack is the name given by (usually sensationalist) articles and documents describing crimes that occur in a virtual world as opposed to tangible attacks such as war. A targeted cyber attack is when the attacker specifically targets someone or a company. A successful attack will typically allow the attacker to gain access to the victim’s assets, allowing stealing of sensitive internal data and possibly cause disruption and denial of service in some cases.
Read more…

Articles

Writing an RFP for a Network Access Control Solution

February 12th, 2007
Comments Off on Writing an RFP for a Network Access Control Solution

When considering network security solutions, many organizations choose network access control (NAC) technology as an integral part of their security fabric. Many industry experts believe that NAC is vital to complete network security. NAC helps to ensure that devices entering the network will not introduce viruses or other potentially debilitating malware. Once devices have been risk-assessed and admitted to the network, NAC continuously monitors their activity the entire time they are on the network.
Read more…

Articles

Valentine’s Day: a powerful lure for spreading malware

February 9th, 2007
Comments Off on Valentine’s Day: a powerful lure for spreading malware

As Valentineґs Day approaches, users should keep a wary eye on any romantic messages received by email, as many of them could contain malicious code. The Nurech.A worm appeared earlier this week using this type of lure and has caused an “orange virus alert”. It still continues to spread and infect computers.
Read more…

News

Yapbrowser: Directing you to Illegal Content

February 9th, 2007
Comments Off on Yapbrowser: Directing you to Illegal Content

Web-browsers. They’re all around you, on every PC across the length and breadth of the planet, yet you probably don’t stop to think about them too much. Why would you? They’re just there, and that’s all that matters, like the mouse or the keyboard – a tool you just plug in to do something else, without worrying about what they happen to be doing internally.
Read more…

Articles

Skype reads out your BIOS data

February 9th, 2007
Comments Off on Skype reads out your BIOS data

The Windows version of the Voice-over-IP software Skype reads and stores the BIOS and motherboard serial number of a user’s computer. This hidden feature was accidentally discovered because of an error message Skype outputs when executed on 64-bit versions of Windows.
Read more…

News

Utimaco SafeGuard Enterprise supports BitLocker

February 9th, 2007
Comments Off on Utimaco SafeGuard Enterprise supports BitLocker

Utimaco has announced that its SafeGuard Enterprise now supports Windows Vista BitLocker drive encryption. Windows BitLocker is a full volume encryption data-protection feature available in Windows Vista Enterprise and Ultimate editions. With SafeGuard Enterprise, this new feature can be used in combination with other encryption methods while easily managed access heterogeneous platforms.
Read more…

News

Implementing SSO: Myths, Errors and Best Practices

February 8th, 2007
Comments Off on Implementing SSO: Myths, Errors and Best Practices

In the past decade or so since SSO software came into being, the merchants of doom have been predicting their imminent disappearance in the face of the integration of Kerberos within Windows, the increased Web-enabling of applications, and the development of ADFS and Liberty Alliance.
Read more…

Articles

RSA 2007: Yoggie awarded Most Innovative Company

February 8th, 2007
Comments Off on RSA 2007: Yoggie awarded Most Innovative Company

Yoggie Security Systems has announced that it has been named the Most Innovative Company at the RSA security conference 2007 for the development of Yoggie Gatekeeper Pro security appliance.
Read more…

News

Pen Testing vs. Vulnerability Analysis Tools, Which is Best?

February 7th, 2007
Comments Off on Pen Testing vs. Vulnerability Analysis Tools, Which is Best?

Over the past several years I have heard people asking the question “should I use vulnerability analysis tools to assess my web based applications or should I look to penetration testing?” I think we, as an industry, may be asking the wrong question. First, let’s look at how the web application industry has grown over the years and how penetration testing has scaled to meet that challenge.
Read more…

Articles