Firefox cookie-stealing vulnerability
A new zero-day vulnerability in Mozilla Firefox allows malicious web sites to forge authentication cookies for certain web sites.
Monthly Archives: February 2007
Targeted cyber attacks
Cyber attack is the name given by (usually sensationalist) articles and documents describing crimes that occur in a virtual world as opposed to tangible attacks such as war. A targeted cyber attack is when the attacker specifically targets someone or a company. A successful attack will typically allow the attacker to gain access to the… Read More »
Writing an RFP for a Network Access Control Solution
When considering network security solutions, many organizations choose network access control (NAC) technology as an integral part of their security fabric. Many industry experts believe that NAC is vital to complete network security. NAC helps to ensure that devices entering the network will not introduce viruses or other potentially debilitating malware. Once devices have been… Read More »
Valentine’s Day: a powerful lure for spreading malware
As Valentineґs Day approaches, users should keep a wary eye on any romantic messages received by email, as many of them could contain malicious code. The Nurech.A worm appeared earlier this week using this type of lure and has caused an “orange virus alert”. It still continues to spread and infect computers.
Yapbrowser: Directing you to Illegal Content
Web-browsers. They’re all around you, on every PC across the length and breadth of the planet, yet you probably don’t stop to think about them too much. Why would you? They’re just there, and that’s all that matters, like the mouse or the keyboard – a tool you just plug in to do something else,… Read More »
Skype reads out your BIOS data
The Windows version of the Voice-over-IP software Skype reads and stores the BIOS and motherboard serial number of a user’s computer. This hidden feature was accidentally discovered because of an error message Skype outputs when executed on 64-bit versions of Windows.
Utimaco SafeGuard Enterprise supports BitLocker
Utimaco has announced that its SafeGuard Enterprise now supports Windows Vista BitLocker drive encryption. Windows BitLocker is a full volume encryption data-protection feature available in Windows Vista Enterprise and Ultimate editions. With SafeGuard Enterprise, this new feature can be used in combination with other encryption methods while easily managed access heterogeneous platforms.
Implementing SSO: Myths, Errors and Best Practices
In the past decade or so since SSO software came into being, the merchants of doom have been predicting their imminent disappearance in the face of the integration of Kerberos within Windows, the increased Web-enabling of applications, and the development of ADFS and Liberty Alliance.
RSA 2007: Yoggie awarded Most Innovative Company
Yoggie Security Systems has announced that it has been named the Most Innovative Company at the RSA security conference 2007 for the development of Yoggie Gatekeeper Pro security appliance.
Pen Testing vs. Vulnerability Analysis Tools, Which is Best?
Over the past several years I have heard people asking the question “should I use vulnerability analysis tools to assess my web based applications or should I look to penetration testing?” I think we, as an industry, may be asking the wrong question. First, let’s look at how the web application industry has grown over… Read More »