Is it sufficient to just benchmarks threats based on CVSS ratings or do we need to do something more to actually understand the threat better Continue reading “Economic Value of a threat”
The IBM Internet Security Systems X-Force® research and development team has recently issued a white paper on Internet Security threats. Some of the key findings are Continue reading “Results of Internet Security Survey”
In cryptography, a cold boot attack (or to a lesser extent, a platform reset attack) is a type of side channel attack in which an attacker with physical access to a computer is able to retrieve encryption keys from a running operating system after using a cold reboot to restart the machine from a completely “off” state. The attack relies on the data retention property of DRAM and SRAM to retrieve memory contents which remain readable in the seconds to minutes after power has been removed.
Credit card fraud is on the rise, and it is time to have a look at tips on how end users can protect themselves from Credit Card fraud.
Here is a compilation of some tips on how to protect yourself from credit card fraud:
When talking about telecommunication, we hear a lot about leased lines, ISDN and MPLS.
This article makes a comparative analysis among MPLS, MLLN and VPN. The following table captures the differences.
Let’s say that you have been asked by Abcxyz Inc to test their HR web portal. You decide to use fuzzing to check for easily guessable user IDs and passwords. You have collected a list of possible user names and a password dictionary has also been shortlisted by you.
Imagine that you are asked to test a web application. You decide to first look at the application to get an idea of what it does and how. The login page. You try to put yourself in an attacker’s shoe. How would he try to gain access to our application through the login page. One of things that come to your mind is
Endpoint security has been gaining ground in the IT Security world in the last couple of years, though they have been around for more than a decade and a half. The first product from the Endpoint Security stable was the anti-virus software. Now endpoint security includes personal firewall, host IDS, anti-spyware, client anti-spam, client remote access etc apart from many other tools. This article delves more into the concept of endpoint security.
A 28-year-old man was charged with the largest credit card theft ever in the United States, in which more than 130 million card numbers were stolen, the US Justice Department said. Albert Gonzalez, of Miami, Florida, and two co-conspirators were accused of hacking into the computer networks of firms supporting major American retail and Financial organizations and stealing data. Continue reading “What does the largest credit card theft teach us?”
It is quite common these days to hear of sensitive information being lost when laptops are either stolen or lost. Rarely does a month go by without an organisation revealing the loss or theft of a laptop brimming with sensitive data. Full disk encryption, or FDE, is the preferred mechanism to address this threat. Continue reading “Full Disk Encryption-Software based or Hardware based?”