Articles

Various

Various: 10 most recent

Taking the shield to protect mobile computing (Various)
What security lessons can we learn from medieval times? And how should they be applied to vulnerable endpoints? If important figures left the protection of the castle, they would wear armor and carry a shield for extra defense against all types of weapon. But do corporate endpoints – laptop computers and smartphones – have the same level of protection?
Firewall management today and tomorrow (Various)
What features are real game changers when it comes to firewall management, and how far along is the market in the development cycle?
Firewire-based physical security attacks on Windows 7, EFS and BitLocker (Various)
This paper discusses Firewire-based physical security attacks on Microsoft Windows 7. It describes the impact of Firewire-based Windows authentication bypassing on Microsoft’s full-disk encryption solution BitLocker, the Windows EFS and Windows domains. A comprehensive section on countermeasures on different layers concludes the paper.
Securing virtualized environments (Various)
Through its ability to consolidate workloads and reduce the amount of time and energy IT spends purchasing, installing and maintaining racks of servers, virtualization allows organizations to meet expansion goals with fewer physical resources and reduced operational costs. Early adopters of the technology are also attaining additional returns on their investment through radically simplified systems management, data center automation and optimized server utilization. In short, both the expectations and benefits of virtualization are very real.
Empirical Exploitation of Live Virtual Machine Migration (Various)
As virtualization continues to become increasingly popular in enterprise and organizational networks, operators and administrators are turning to live migration of virtual machines for the purpose of workload balancing and management. However, the security of live virtual machine migration has yet to be analyzed.
Where's My iPhone? A Lesson in Incident Response (Various)
What follows is the incident response procedure that I followed once I found out my iPhone had been stolen. It's not a comfortable feeling to know that someone else has control over a device containing your information. However, you must remain calm and follow some sort of incident response procedure. Sometimes this is not as easy as it sounds, as you will see in this article. Once the incident is over the most important thing you must do is learn from it. Hopefully you can learn from my experience.
Cross Site Printing: Printer Spamming (Various)
By using only JavaScript, an Internet web site can remotely print to an internal network based printer by doing an HTTP Post. The web site initiating the print request can print full text, enter PostScript commands allowing the page to be formatted, and in some cases send faxes.
Dissecting and Digging Application Source Code for Vulnerabilities (Various)
Application source code scanning for vulnerability detection is an interesting challenge and a relatively complex problem as well. There are several security issues which are difficult to identify using blackbox testing, and these issues can be identified by using whitebox source code testing methodology. Application layer security issues may reside at the logical layer, and it is very important to have a source code audit done to unearth these categories of bugs.
On the Security of E-Passports (Various)
The global introduction of electronic passports is a large coordinated attempt to increase passport security. Issuing countries can use the technology to combat passport forgery and look-alike fraud. While addressing these security problems, other security aspects, e.g. privacy, should not be overlooked. This article discusses the theoretical and practical issues that impact security for both citizens and issuing countries.
The Case for Automated Log Management in Meeting HIPAA Compliance (Various)
The Health Insurance Portability Accountability Act, better known as HIPAA, was passed in 1996 by the US Department of Health and Human Standards (HHS) to ensure the privacy and security of confidential patient health information. The Act mandates that all Covered Entities (CEs) must implement ‘reasonable and appropriate’ procedures for securing patient health information from security breaches, impermissible uses and/or disclosures, with severe penalties mandated to punish non-compliance.

Various: most read articles