Expert analysis
Q&A: Virtualization Security
Jim Chou is the Executive VP of Technology for Apani where he is responsible for the strategic technical development of Apani technology and product portfolio development. In …
Types of Web-Based Client-Side Attacks
While my research is primarily concerned with drive-by-download attacks, I thought I try to summarize other web-based client-side attacks that are out there, many of which are …
SOX, Lies and Security Matters
When it comes to compliance, it’s fairly easy to find out what companies need to do to achieve it. But it’s much harder for companies to find out how they should …
Discovery and Fuzzing for SQL injections with Web 2.0 Applications
Web 2.0 application assessment is becoming increasingly challenging due to their behavior and implementation of the components. It is imperative to identify hidden Web 2.0 …
Rootkit Evolution
I saw my first rootkit in 2004, when I was still a rookie virus analyst. At that point I had some vague knowledge of UNIX-based rootkits. One day I stumbled on an executable …
Application Security Matters: Deploying Enterprise Software Securely
One of the most interesting aspects of being an information security consultant is the exposure to an enormous variety of industries and organizations. From health care to …
Security Risks for Mobile Computing on Public WLANs: Hotspot Registration
Wireless broadband internet access via hotspots is convenient for both the casual surfer and the internet-dependent teleworker. Unfortunately, current security technologies …
Reverse Engineering: Smashing the Signature
Many antivirus and antispyware solutions identify malicious programs by looking for known unique signatures contained inside them. Those signatures are stored inside a …
Internet Terrorist: Does Such A Thing Really Exist?
Recently, I have experienced an increase in organizations questioning how real is the threat of Internet terrorism and what they can do to protect themselves. As a former …
Reputation Attacks: A Little Known Internet Threat
Reputation attacks target both individuals and companies, and their goal is to ruin the victim’s reputation. While attack techniques are varied, the consequences are …
DTrace: The Reverse Engineer’s Unexpected Swiss Army Knife
Disclaimer: David Weston is no longer an employee of SAIC and his statements do not reflect the views of or an endorsement by the company. In this video, made at Black Hat …
How B2B Gateways Affect Corporate Information Security
B2B gateways were introduced in 2003, marking the first time IT professionals could deploy best-of-breed managed file transfer tools without sacrificing their larger …
Featured news
Resources
Don't miss
- Data-stealing VS Code extensions removed from official Marketplace
- Flawed WordPress theme may allow admin account takeover on 22,000+ sites (CVE-2025-4322)
- What good threat intelligence looks like in practice
- AutoPatchBench: Meta’s new way to test AI bug fixing tools
- Third-party cyber risks and what you can do