Cross-site scripting (XSS) is a type of security vulnerability typically found in web applications where attackers cause a web server to send a page that contains malicious HTML or other client side scripts to a victim’s browser.
Continue reading “Tech Terminology Demystified – Cross-site Scripting”
Tamil Nilam is the Tamil Nadu government’s land administration and management system. Tamil Nilam has been implemented in all rural Taluks of Tamil Nadu. Touch screen kiosks to disseminate information related to land records have been implemented in 127 Taluks. This G2C initiative has been a phenomenal success both in terms of revenue and reach.
Continue reading “India’s ambitious National e-Governance Plan”
Public key cryptography as we know it is actually the outcome of efforts to solve a major issue with symmetric encryption systems (such as the DES)-key distribution. Concepts such as private key and public key represent the final step in the solution to the problem of key distribution. Continue reading “A History of Public Key Cryptography”
Companies often end up investing huge amounts in creating logical and network security perimeters and at times physical security is relegated to the background. According to New York Post, A civilian official of the NYPD’s pension fund has been charged with taking computer data that could be used to steal the identities of 80,000 current and retired cops. According to news reports, Bonelli bypassed the security guard on duty by flashing an expired ID card. His name was also not on a list of authorized personnel. Continue reading “Physical Security – Welcome The weakest link in IT-security”
“I have a real time virus scan enabled. A full system virus scan consumes lot of my computer resources and time. So why should I run a full system virus scan regularly?”. This is a query which we come across frequently. This article tries to bring more clarity about full system virus scan and a real time virus scan. Continue reading “Is full system virus scan required when real time virus scan is enabled?”
More than half – 59 per cent – of US workers made redundant or who left their job in 2008 admitted swiping confidential corporate data, such as customer list, before they left, a new study claims. Continue reading “Information Leaves when Employees Leave”
Microsoft’s periodically revamped CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) has been broken, yet again in spite of it’s continued efforts towards protecting it. This is the latest in a series of ‘break-ins’ which started in early 2008 and has affected major service providers including Google & Yahoo. Continue reading “Bots create Microsoft Live Hotmail Accounts by breaking CAPTCHAs”
IT risk is gaining increased attention from executive management, stakeholders and regulators alike. The COBIT framework provides a generally accepted framework for IT but this does not deal with risk management in a comprehensive manner. The ITGI has now remedied this gap with their latest initiative-a framework for IT related risk management. Continue reading “IT Governance Institute’s New Framework-Risk IT”
A buffer overflow, or buffer overrun, occurs when a program or processattempts to store data beyond the boundaries of a fixed-length buffer (which is a temporary data storage area). Continue reading “Tech Terminology Demystified – Buffer Overflow”
MITRE Corp. and The SANS Institute, participants in what’s called the Common Weakness Enumeration (CWE) project organized by the U.S. Department of Homeland Security’s National Cybersecurity Division, have come out with a list of Top 25 Programming Errors in Software. Continue reading “Top 25 Software Programming Errors”
