A buffer overflow, or buffer overrun, occurs when a program or processattempts to store data beyond the boundaries of a fixed-length buffer (which is a temporary data storage area). Continue reading “Tech Terminology Demystified – Buffer Overflow”
MITRE Corp. and The SANS Institute, participants in what’s called the Common Weakness Enumeration (CWE) project organized by the U.S. Department of Homeland Security’s National Cybersecurity Division, have come out with a list of Top 25 Programming Errors in Software. Continue reading “Top 25 Software Programming Errors”
Mission Impossible !!
With only 100 compromised ATM cards thieves were able to grab $9 million from ATMs in a new style of attack in just under 30 minutes. Law enforcement sources have told that it’s one of the most frightening well-coordinated heists they’ve ever seen.
From the news that have come in till now, the flow of events is presumed to be as follows. Continue reading “$9 million (about Rs.45 crores) stolen from ATMs in less than 30 minutes”
While there have been scores of IT related security incidents and this is definitely not going to be the last, the Heartland Payment Systems incident is noteworthy for the fact that the company in question was PCI compliant. While we have been seeing security certifications such as ISO27001, PCI being introduced and implemented across industry, a key question that rarely gets addressed is the absorption of IT Security initiatives within the organization. No compliance can help when importance of IT Security is not understood. At the end of the day compliance to all security standards is only illusory, reality may be far behind. Continue reading “Compliance is illusory- Security is real”
The audit of OS Security involves different phases from logging into the system and seeing the values on the system to running a few commands / tools to find these values. In this blog article, we will be looking at how to go about an audit of OS Security. Continue reading “Audit of OS Security”