Expert analysis
The Trivial Cisco IP Phones Compromise
The following paper lists several severe vulnerabilities with Cisco systems’ SIP-based IP Phone 7960 and its supporting environment. These vulnerabilities lead to …
America’s National Cybersecurity Strategy: Same Stuff, Different Administration
Today the White House releases its long-awaited “National Strategy To Secure Cyberspace.” This high-level blueprint document (black/white or color), in-development …
HNS Coverage from RSA Conference 2002 Europe
Here are the news from the conference as they are released: Scope on Attix5 secure backuping software Bridicum receives 4.2 million Euros investment How the press spreads FUD …
NetBSD Releases a Batch of Security Advisories
With the release of NetBSD 1.6, the NetBSD project published a batch of Security Advisories (some of which are updates). * 2002-006 buffer overrun in libc/libresolv DNS …
Cross-Site Scripting Vulnerabilities
Have you ever mistyped the address of a web site and received a message like “Error – page name could not be found” or “The page you requested: page …
Securing an Internet Name Server
Domain name system (DNS) servers translate names suitable for use by people (such as www.example.com) into network addresses (e.g., 192.168.4.22) suitable for use by …
Managed Vulnerability Assessment
Hacker attacks are no longer limited to high-profile organizations such as banks and governments. Automated tools have made it easier to identify and exploit network …
Keep e-commerce secure by disconnecting your servers from the Internet
While it sounds strange, disconnecting your e-commerce servers from the Internet is exactly what SpearHead Security Technologies would have you do – using their NetGAP …
Interview with Stuart McClure, President and CTO of Foundstone
Stuart Stuart McClure is the President and CTO of Foundstone, a successful security author, speaker, and teacher. Stuart holds a B.A. degree from the University of Colorado, …
Astaro Content Filtering Process
Traditional Internet filtering methods depend on manually compiled blocking lists, individual ratings or online applied heuristics algorithms. These methods are, for the most …
The Weakest Link in Disaster Recovery
Much of the focus of disaster recovery planning is on creating redundant data sites and backup tapes. Very often, a crucial component is overlooked: that of keeping current …
Buffer Overflows – Defending against arbitrary code execution
Buffer Overflows are one of the most common and potentially deadly forms of attack against computer systems to date. They allow an attacker to locally or remotely inject …
Featured news
Resources
Don't miss
- Hard-coded credentials found in Moxa industrial security appliances, routers (CVE-2025-6950)
- China-linked Salt Typhoon hackers attempt to infiltrate European telco
- Most AI privacy research looks the wrong way
- Why ex-military professionals are a good fit for cybersecurity
- Nodepass: Open-source TCP/UDP tunneling solution