Get expert insights on the latest developments in cybersecurity to stay ahead of the curve.
Are you a visual learner or a verbal one? Consider the last time you had to change a password from a short, dictionary word like dogs to a longer, multi-character one like Eq_7A6>6fc8c. How were the instructions given and which ones helped you understand the parameters for acceptable passwords? Did verbal instructions like: The password…
Botnets have been getting a lot of headlines lately, whether from last month’s arrest of the man allegedly behind the Mega-D botnet, or angry supporters of the WikiLeaks organization who have voluntarily allowed their computers to become part of the Low Orbit Ion Cannon (LOIC) as part of Operation Payback. Most botnets are used as…
It’s a familiar scene played out in waiting lines, airport gates, and restaurants every day. Someone scrolls through their handheld device, scans some text, shakes their head worriedly or angrily then rushes to make a call to the office or a business colleague. While the finer points of whether or not checking messages in…
Cross-site scripting (XSS) and SQL injection flaws are among the most common and lethal types of security vulnerabilities. Both sets of flaws often stem from the same root cause, which is typically some form of an input validation issue. Ensuring that input validation is done correctly is no easy task, which is where the new…
Learn how to surf websites vulnerable to Firesheep without getting fleeced. Years after BlackHat sidejacking demos, far too many websites remain vulnerable to this session cookie hijack attack. Frustrated by apathy and inaction, web developer Eric Butler and colleague Ian Gallagher decided to raise awareness with Firesheep – a Firefox plug-in that makes sidejacking as…
Email has long been described as the “killer app” that attracted masses to the Internet starting in the mid-90’s. By one estimate, as of May 2009 some 247 billion emails are sent per day. Despite its massive and widespread use, the vast majority of these emails are relatively insecure. A conventional email message is vulnerable…