Software


It's not Illegal if You Consent: Malware's Dirty Little Tricks

March 08, 2012 Added by: Rafal Los

Bad guys often rely on the end-user's lack of awareness, employing some dirty tricks like creating a convincing web page that looks just like your antivirus software, or something equally dastardly. But there's another trick that makes me crazy: End User License Agreements...


Building an AppSec Training Program for Development Teams

March 07, 2012 Added by: Fergal Glynn

A holistic application security approach that includes integrating developer training with static analysis and advanced remediation techniques will help reduce overall risk across your enterprise application portfolio and will strengthen your security program...


Out With the New, In With the Old: OS Security Revisited

March 06, 2012 Added by: Ian Tibble

Operating System Security is radically under-appreciated, and this has been the case since the big bang of security practices in the mid-90s. OS security, along with application security, is the front line in the battle against hackers, but this has not been widely realized...


A Security Resolution for Developers

February 22, 2012 Added by: Bill Gerneglia

You can’t understand how applications will be attacked if you don’t know how they work. Applications ultimately transmit data and operate on hardware in a network. Developers need to understand protocols, dependencies, communications, encryption, and more...


Antivirus Ban for Iran: A Controversial Penalty

February 20, 2012 Added by: Pierluigi Paganini

Iran will be banned from the purchase of antivirus systems, a technological embargo with clear implications for the Stuxnet virus attacks and the need to prevent further infections to control systems for critical infrastructures, namely their nuclear programs...


How They Do IT: Spam Filters

February 08, 2012 Added by: Alan Woodward

The current volumes of spam email are extraordinary. Between 70% and 80% of all email sent is spam. As none of the current methods described here are completely effective, there is still scope for much further research in this area...


When a Tool Becomes a Weapon

February 01, 2012 Added by: Alan Woodward

The Metasploit Project is an extremely valuable tool. However, a recent development which was revealed demonstrates just how easily the Metasploit Framework can be used to develop malicious payloads that avoid detection by the usual Anti-Virus and Firewall software...


Did Symantec's 2006 Breach Impact These High Risk Customers?

February 01, 2012 Added by: Jeffrey Carr

As the world's largest vendor of security software, the breach puts all of its corporate and government customers at risk, because if Symantec didn't know the extent of its breach back then, how do Symantec's customers know that their current product line is safe to use?


Significance of 'Death of the Document Web' to Security

January 18, 2012 Added by: Rafal Los

Infosec pros just started getting comfy with profiling, analyzing, and defending web-based apps from a server, consumed by a human, and used in a browser. Hang on tight because the world just took a sharp left and if you're not buckled in you're bound to be thrown from the bus...


Symantec: The Inconvenient Truth Behind the Data Breach

January 17, 2012 Added by: Pierluigi Paganini

Initially, Symantec spokesman Cris Paden said the hackers had stolen only the source code of Symantec Endpoint Protection 11.0 and Symantec AntiVirus 10.2, minimizing the seriousness of the breach. The situation has now changed dramatically...


Content Raven – High Speed Low Drag

January 10, 2012 Added by:

Security professionals are always struggling to get usage statistics with security products. Content Raven gives you great metrics and analytics out of the box. I can track by user and/or device and/or location what the user has looked at and for how long...


Some Facts About Carrier IQ

December 19, 2011 Added by: Electronic Frontier Foundation

There is an additional configuration file (called a "Profile") that determines what information is sent from the phone to a carrier. Profiles are programs in a domain-specific filtering language - they are normally written by Carrier IQ to the specifications of a telco or other client...


Top Ten Mistakes Made By Linux Developers

December 11, 2011 Added by: Danny Lieberman

My colleague, Dr. Joel Isaacson, talks about the top ten mistakes made by Linux developers. It’s a great article and great read from one of the top embedded Linux programmers in the world...


Common Errors in Firewall Configurations

December 06, 2011 Added by: Christopher Rodgers

With the "ANY" port accessible vulnerability, clear text protocols could be used when both a secure and less secure clear text service are running on the same system, and vulnerabilities found for specific services such as SMB could be launched against vulnerable machines...


Challenges for Software Security Professionals

December 02, 2011 Added by: Rafal Los

So what catches your attention? What conclusions can you draw here that may be insight into how we can improve the state of software security in the enterprise? My eye gets caught on "politics" and TOOLS in big bold letters... then UPHILL and APATHY. Dang, we're a cynical bunch aren't we...


Free From Defect Software License

November 22, 2011 Added by: Keith Mendoza

This is a question that I would like to pose to the open-source software community: Assuming that we can ignore the lawyers for a second, what amount of effort would you be willing to put to produce software that is free of defect from workmanship? How will you go about making sure?
