Expert analysis
Application Security Matters: Deploying Enterprise Software Securely
One of the most interesting aspects of being an information security consultant is the exposure to an enormous variety of industries and organizations. From health care to …
Security Risks for Mobile Computing on Public WLANs: Hotspot Registration
Wireless broadband internet access via hotspots is convenient for both the casual surfer and the internet-dependent teleworker. Unfortunately, current security technologies …
Reverse Engineering: Smashing the Signature
Many antivirus and antispyware solutions identify malicious programs by looking for known unique signatures contained inside them. Those signatures are stored inside a …
Internet Terrorist: Does Such A Thing Really Exist?
Recently, I have experienced an increase in organizations questioning how real is the threat of Internet terrorism and what they can do to protect themselves. As a former …
Reputation Attacks: A Little Known Internet Threat
Reputation attacks target both individuals and companies, and their goal is to ruin the victim’s reputation. While attack techniques are varied, the consequences are …
DTrace: The Reverse Engineer’s Unexpected Swiss Army Knife
Disclaimer: David Weston is no longer an employee of SAIC and his statements do not reflect the views of or an endorsement by the company. In this video, made at Black Hat …
How B2B Gateways Affect Corporate Information Security
B2B gateways were introduced in 2003, marking the first time IT professionals could deploy best-of-breed managed file transfer tools without sacrificing their larger …
Q&A: Views on Privacy and Identity Theft
Jonathan Moneymaker is VP of Operations at Anonymizer. He is a certified Project Management Professional and also holds a BS in Systems Engineering from the University of …
Surf Jacking: HTTPS Will Not Save You
In this paper we will describe a security issue that affects major web sites and their customers. Attackers exploiting this vulnerability are able to hijack an HTTP session …
Q&A: E-mail spam and Software as a Service (SaaS) solutions
David Vella is the Director of Product Management at GFI with experience in quality assurance, network administration and software development. In this Q&A he provides …
Cybercrime and Politics
As citizens of the United States prepare to cast their votes in the upcoming presidential election, the time is right to consider what implications, if any, Internet-borne …
Traditional vs. Non-Traditional Database Auditing
Traditional native audit tools and methods are useful for diagnosing problems at a given point in time, but they typically do not scale across the enterprise. The auditing …