Expert analysis
Q&A: Views on Privacy and Identity Theft
Jonathan Moneymaker is VP of Operations at Anonymizer. He is a certified Project Management Professional and also holds a BS in Systems Engineering from the University of …
Surf Jacking: HTTPS Will Not Save You
In this paper we will describe a security issue that affects major web sites and their customers. Attackers exploiting this vulnerability are able to hijack an HTTP session …
Q&A: E-mail spam and Software as a Service (SaaS) solutions
David Vella is the Director of Product Management at GFI with experience in quality assurance, network administration and software development. In this Q&A he provides …
Cybercrime and Politics
As citizens of the United States prepare to cast their votes in the upcoming presidential election, the time is right to consider what implications, if any, Internet-borne …
Traditional vs. Non-Traditional Database Auditing
Traditional native audit tools and methods are useful for diagnosing problems at a given point in time, but they typically do not scale across the enterprise. The auditing …
Q&A: SSL VPN Security
Max Huang is the founder and Executive Vice President of O2Micro and President for O2Security, a subsidiary company of O2Micro. In this interview he discusses the importance …
Security Policy Considerations for Virtual Worlds
Virtual worlds increasingly offer significant outreach and business development opportunities to companies, governments, and the world at large. These virtual worlds – …
Q&A: Web 2.0 Security
Sam Masiello oversees the MX Logic Threat Operations Center. Masiello has more than 18 years of email systems and IT management experience, including nearly 10 years network …
The Vulnerability Economy
Jeff Moss, the founder of DEFCON and Black Hat, discusses the unfolding of the vulnerability economy. Nowadays, instead of exposing high profile zero-day vulnerabilities at …
DNS Vulnerability Overview and Suggested Mitigations
On July 9th, 2008 a massive effort was made among software and hardware vendors to release a simultaneous patch to their products. This patch was created to mitigate or …
Q&A: Insider Threat
Bob Farber is the CEO of Symark. Prior to joining Symark, Mr. Farber was the Manager of Technical Support Operations for Candle Corporation. In this interview he discusses the …
The Extended HTML Form Attack Revisited
HTML forms are one of the features in HTTP that allows users to send data to HTTP servers. An often overlooked feature is that due to the nature of HTTP, the web browser has …
Featured news
Resources
Don't miss
- Data-stealing VS Code extensions removed from official Marketplace
- Flawed WordPress theme may allow admin account takeover on 22,000+ sites (CVE-2025-4322)
- What good threat intelligence looks like in practice
- AutoPatchBench: Meta’s new way to test AI bug fixing tools
- Third-party cyber risks and what you can do