Phishing is the new 21st Century Crime. Organizations and their customers constantly fall prey to “Phishing Schemes”. While Phishers develop evermore sophisticated attacks, network administrators, and their customers grow wary of system security and the official looking requests that mimic official business requests. This paper covers the technologies and security flaws Phishers exploit to conduct [...]

• 0 Comments

Imagine you are the CIO of a national financial institution and you’ve recently deployed a state of the art online transaction service for your customers. To make sure your company’s network perimeter is secure, you executed two external security assessments and penetration tests. When the final report came in, your company was given a clean [...]

• 0 Comments

his article provides good information on what a Denial of Service (DoS) attack is and why they can be so harmful to networks and sites on the Internet. The information here provides in-depth information regarding “smurf” and “fraggle” attacks with a focus on Cisco routers and how to reduce the effects of the attack. Some [...]

• 0 Comments

Identity theft is the fastest growing crime in America. According to the Federal Trade Commission, the number of identity theft incidents reached 9.9 million in 2003, and is estimated to have taken the average victim $500 and 30 hours to resolve. This article is designed to help network administrators and consumers understand the issues surrounding [...]

• 0 Comments

Social Engineering is a method often employeed in the attempt to break through network security. It is based on the premise that it is often easier to ask for something than to work for it. Although “social engineering” is not a brand new style of gaining network access. This article will make you think about [...]

• 0 Comments

Many forms of code injection (for instance cross-site scripting and SQL injection) rely upon the instantaneous execution of the embedded code to carry out the attack (e.g. stealing a user’s current session information or executing a modified SQL query). In some cases it may be possible for an attacker to inject their malicious code into [...]

• 0 Comments