Social Engineering is a method often employeed in the attempt to break through network security. It is based on the premise that it is often easier to ask for something than to work for it. Although “social engineering” is not a brand new style of gaining network access. This article will make you think about [...]
Second-order Code Injection: Advanced Code Injection Techniques and Testing Procedures
24 Jul
Posted by Exploitx as WhitePapers
Many forms of code injection (for instance cross-site scripting and SQL injection) rely upon the instantaneous execution of the embedded code to carry out the attack (e.g. stealing a user’s current session information or executing a modified SQL query). In some cases it may be possible for an attacker to inject their malicious code into [...]
By Joris Evers, CNET News.com
Internet service providers face mounting pressure to keep their networks free of pests–not only for the benefit of their customers, but also for the good of the Internet in general.
In the next few months, ISPs in the United States will begin receiving reports on the zombies, or PCs [...]
By Kurt Seifried kurt@seifried.org
While the majority of random and remote attacks come in over the network physical and console security are important factors. In a perfect world every machine would be physically secure with access to the console (i.e. keyboard, reset switch and monitor) tightly controlled. Unfortunately this is not a perfect world it is [...]
By: John Richard Moser
I just had some time to think, and I’ve come across something that
bothers me a lot. I’ve been attempting to write a small reference that
pools together all of the knowledge I’ve accumulated about security
enhancements that can be minimally invasive and cooperate properly in a
desktop environment, to design a system secure enough [...]
Contracted Employee
Today, many positions within a company are outsourced to contractors or consultants. These people have a different relationship with the company from its employees and therefore need different controls.
Definitions of appropriate behavior and the scope of their duties should be made contractually. Contractors are not bound by employee policies and procedures. The contract with [...]
Categories
Meta
Calendar
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Jun | ||||||
| 1 | 2 | 3 | 4 | |||
| 5 | 6 | 7 | 8 | 9 | 10 | 11 |
| 12 | 13 | 14 | 15 | 16 | 17 | 18 |
| 19 | 20 | 21 | 22 | 23 | 24 | 25 |
| 26 | 27 | 28 | 29 | 30 | 31 | |
Security Products
