Expert analysis
Astaro Content Filtering Process
Traditional Internet filtering methods depend on manually compiled blocking lists, individual ratings or online applied heuristics algorithms. These methods are, for the most …
The Weakest Link in Disaster Recovery
Much of the focus of disaster recovery planning is on creating redundant data sites and backup tapes. Very often, a crucial component is overlooked: that of keeping current …
Buffer Overflows – Defending against arbitrary code execution
Buffer Overflows are one of the most common and potentially deadly forms of attack against computer systems to date. They allow an attacker to locally or remotely inject …
Improving Enterprise Security with Ecora’s Configuration Auditor
Enterprise security is traditionally managed with a plethora of tools. Common among them are firewalls, intrusion detection systems, vulnerability scanning, and penetration …
Threat Profiling Microsoft SQL Server
This paper is written from the perspective of an attacker and shows typical “cursi incursi” for Microsoft SQL Server. An attacker’s location in the …
SSL – A discussion of the secure socket layer
The Secure Socket Layer is the protocol that gives e-commerce the confidence it needs to allow on-line banking and shopping. SSL provides an encrypted bi-directional data …
Monitored Intrusion Detection Systems
Most enterprise networks are protected from the Internet by firewalls. While firewall protections are essential, they rarely identify types of attacks, or attacks on allowed …
Secure Personal Identification Systems: Policy, Process and Technology Choices for a Privacy-Sensitive Solution
This paper describes policy, process and technology issues that need to be considered in implementing a privacy-sensitive secure personal ID system. The different ID …
Shatter attacks – more techniques, more detail, more juicy goodness.
Introduction: Well, it’s now two weeks since the release of Shatter, and my inbox has finally started calming down. I’ve tried to reply to most of the messages …
Public Key Infrastructure (PKI): A Primer
As the Internet becomes an increasingly important means of conducting transactions and the volume of e-business grows exponentially, a secure infrastructure is needed to …
Protecting the Distributed Enterprise
Shows how a distributed security strategy can cost-effectively extend the reach of enterprise-class security and remote access throughout the enterprise. Download the paper in …
Implementation of Chosen-Ciphertext Attacks against PGP and GnuPG
We recently noted that PGP and other e-mail encryption protocols are, in theory, highly vulnerable to chosen-ciphertext attacks in which the recipient of the e-mail acts as an …