Monthly Archives: November 2012

How to Deal with Conflict: Good Cooperation in an IT Company

Agenda:

Introduction

Company success vs. cooperation inside the company

Forms of conflict
Reasons for bad cooperation

a) Mentality depending on the positions

b) Understanding of own role in the company

c) The most common sources and symptoms of conflict

d) Examples of bad cooperation and how to avoid them

Advice for when you are Project Manager
Five ways to […]

Privacy Impact Assessment

What is a Privacy Impact Assessment (PIA)?

A Privacy Impact Assessment is a process to determine the impacts of a program, system, service, scheme, initiative, application, information system, policy or administrative practice, or database (referred to in this article as a “project”) on an individual’s privacy and the ways to […]

Exceptions In Injected Code

Injection and API Hooking – When you don’t know enough to know that you are getting it wrong…

Code Injection and API hooking techniques are gaining in popularity. Whether they are used in anti-malware products, malware itself, or in even more common places like the application compatibility layer provided by […]

Access Control: Models and Methods

There are times when people need access to information, such as documents, slides, etc., on a network drive but don’t have the appropriate level of access to read and/or modify the item. This can happen at the most inconvenient time and they would need to get a hold of […]

A World of Vulnerabilities

Introduction
Every day, we read about cyber-attacks and data breaches, incidents that represent in many cases a disaster for private companies and governments. Technology plays a significant role in our lives; every component that surrounds us runs a piece of software that could be affected by flaws and exploited by […]

Low Fidelity Prototyping: The Cheapest Corrections in Design Stage Ever!

Agenda:
1. Prototyping – what is it?
2. The design process.
3. Showing the project to the client before developers write any line of code.
4. Changes in project? Sooner equals better.
5. Examples of tools for prototyping.

1. Prototyping – what is it?
First of all I will describe what exactly prototyping is. It is […]

By |November 27th, 2012|Other|0 Comments

Common Myths about SQLi, Busted

Before going ahead with the topic of SQL injection, let us first take a look into the construct of a web-based application.
Most websites have an inseparable relationship with a database. To begin with, databases are used by these websites to store usernames and passwords, which allows the users of […]

By |November 27th, 2012|Hacking|3 Comments

Good Programming Techniques – Exceptions to Program, Part 2

In a previous article, we introduced the concept of exceptions. As I mentioned, this is the most important thing when writing high-quality software. Today we will develop this concept and also take care of the login. I hope that this section will be as interesting as the other.

The most […]

By |November 26th, 2012|Other|0 Comments

OWASP ZAP

Introduction

ZAP is an open source tool designed to help security professionals as well as developers to find out the security vulnerabilities present in the web application. The only reason for not mentioning it in my previous article Free Web Application Scanners is that it deserves special attention. Unlike other […]

Keeping Your Social Media Accounts Safe

Whether you’re an average Internet user, or an IT pro who checks Twitter before getting out of bed and goes through several SSH sessions before the day is over, chances are you have a lot of social media accounts, and you use them to keep in contact with some […]

Computer Network Diagnostics Part 4

In previous articles on the diagnosis of computer networks we generally learned a lot of tools available and understood how they work. Today we will be doing something much simpler, namely, we will talk about two diagnostic programs that are available almost everywhere. Today is not going to torture […]

By |November 25th, 2012|Other|0 Comments

Analysis of Malware Samples with the Immunity Debugger API

Introduction

Immunity Debugger is a debugger which is very much like Ollydbg. In this tutorial we’ll present the Python API that Immunity Debugger uses for writing plugins. Ollydbg has its own language for plugin development, while Immunity Debugger uses the well-known Python programming language, which makes the plugin development […]

Eight Handy Security Tools for a Novice

Here is a compilation of a few tools that we need to be aware of. The power, the performance and the capabilities of these tools are limited only by the creativity of the attacker. Let’s dig in to the list.

1. Maltego:

Following the well-defined hacker cycle, let’s start off with […]

By |November 23rd, 2012|Hacking|2 Comments

Cryptography, Chapter 7

Excerpted from CISSP All-in-One Exam Guide, 6th Edition by Shon Harris (McGraw-Hill; 2013) with permission from McGraw-Hill.

Shon Harris, CISSP, MCSE, is the founder and CEO of Shon Harris Security LLC and Logical Security LLC, a security consultant, a former engineer in the Air Force’s Information Warfare unit, an instructor, and an author. Shon has owned […]

By |November 23rd, 2012|CISSP|0 Comments

API Hooking with Microsoft Detours

Introduction

Microsoft Detours is a library which we can use to build our own DLL that serves as an API monitor when analyzing the results. The best thing about it is that it doesn’t require other frameworks as a dependency. The downside is that only x86 support is available for […]

Web Vulnerabilities Explained

Introduction

We all know that vulnerabilities in web pages are quite common these days. They range from SQL injections, XSS vulnerabilities, CSRF, etc. In this article we’ll provide basic examples of the most common vulnerabilities you’ll find in web pages—including and especially WordPress. We’ll describe them in detail below.

1. DoS […]

Introduction to Anonymizing Networks – Tor vs I2P

The Right to Anonymity

Every operation made in cyber space, every visited web site, and every web service accessed, leave traces of the user’s experience on the Internet. This information is considered very precious for commercial and intelligence purposes.

Private companies and governments are constantly monitoring the world wide web to […]

Investigating the Crime Scene Part 2: Recovering Files with Autopsy

For part one of this series, please click here.

Introduction

So, in the previous part we saw how we can set up the environment for finding clues and also how to set up Autopsy. The previous part was a bit boring since there was no action at all, just some basic […]

By |November 14th, 2012|Forensics|Comments Off

The Most Common Problems in the Implementation of Agile Methodologies in Companies, Part 1

As you know, I delight in writing articles on the Agile environment. Why is that? Because I like to advise people about the methodology of software development. Agile is really a very flexible approach to all processes of software development. But even that is not really very flexible, it […]

By |November 13th, 2012|Other|3 Comments

WordPress Plugin Vulnerabilities: From a Developer’s Point of View

1. Introduction

We all know the prevalence of the WordPress blogging system and its share of vulnerabilities in the core system alone over the years. If not, we can take a look at the cvedetails web page that presents all the vulnerabilities from 2004 to the present.

We can see that […]