Expert analysis
5 handy WordPress security plug-ins, part 2
If you’re one among the millions of users of WordPress, and you really don’t have that much knowledge about what’s going on under the hood, your best bet to …
Invasive vs. non invasive web application security scan
When evaluating an automated web application security tool, such as Acunetix WVS, the first two questions that typically one would ask are “Does this tool perform an …
Top 5 Firefox add-ons: Security testing and assessment
Test your sites and web applications and perform a security assessment/audit of your work with these handy tools: 1. Tamper Data Use it to view and modify HTTP/HTTPS headers …
Q&A: Passwords
Dmitry Sklyarov is an IT security analyst at Elcomsoft. In this interview he discusses strong and insecure passwords, the compromise between usability and security as well as …
Q&A: Wireshark
Gerald Combs works with the developers of WinPcap at CACE Technologies as the Director of Open Source Projects, and is the lead developer of Wireshark. In this interview, he …
Best practices for DNS security
Securing the DNS must be a priority because it is so central to the proper functioning of every IP network. Employing the best possible protections for the DNS will pay huge …
Spam evolution: September 2009
Spam in email traffic The amount of spam detected in email traffic averaged 86.3% in September 2009. A low of 83.3% was recorded on 18 September with a peak value of 91.3% …
Looking back at 2009 through SQL injection goggles
The earliest public mention I could find of SQL injection (“piggybacking SQL statements’ as the author put it) was from someone who called himself Rain Forest …
Q&A: Web application security
Robert Abela is a Technical Manager at Acunetix and in this interview he discusses Web application attack vectors, the impact of Cross-Site Scripting, future threats and …
Q&A: Ubuntu 9.10 security
Kees Cook is the security engineer and Gerry Carr is the head of platform marketing at Canonical. In this interview they discuss the security improvements in Ubuntu 9.10, the …
Ask the social engineer: Practice
One reader wrote in asking: “How can one practice social engineering before using it in the wild?” Answering is Chris “loganWHD” Hadnagy, the lead …
Embracing tokenization: Payment without pain
Today, it’s expected that merchants accept electronic payments. It’s more than expected that those payments are secure. No data leaks or breaches of any kind. The …
Featured news
Resources
Don't miss
- Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)
- New Microsoft accounts will be “passwordless by default”
- Why SMEs can no longer afford to ignore cyber risk
- Preparing for the next wave of machine identity growth
- Hottest cybersecurity open-source tools of the month: April 2025