(more) Advanced SQL Injection

This paper addresses the subject of SQL Injection in a Microsoft SQL Server/IIS/Active Server Pages environment, but most of the techniques discussed have equivalents in other …

Network InSecurity

This technical brief will overview the inherent flaws that plague the internet today, making it vulnerable to corporate espionage, money laundering, grand larceny, trading …

Security and open source

Security problems in software are of course an extremely bad thing, regardless of the business model under which the software was written. I want to consider why anybody …

OpenSSH Remote Vulnerability Roundup

In a recent discussion about the Apache Chunk Handling vulnerability, which consisted of many debates and rants on how the reporting was done, ISS mentioned that they found …

TrueSign: Under the Hood

Electronic document exchange and digital signatures are often considered as systems both hard to understand and difficult to use for the end user. This fear is often caused by …