Monthly Archives: December 2012

PHP Session ID’s – The Risks

In today’s article I want to address a very important topic. Namely, I want to talk about PHP session security. I know and understand that this is a very broad topic, but it is also extremely interesting. PHP, even though it is simple and intuitive, is considered a bad language if […]

Sniffing Network Traffic on Android

Introduction

There has been a lot of talk about how to connect your laptop through the Android network and use the bandwidth that you’re already paying for. Usually, this requires setting up an access point on an Android device and connecting to it with the laptop. On some devices you […]

By |December 31st, 2012|Other|7 Comments

CompTIA A+ Training Kit (220-801 and 220-802) Excerpt

If you’re planning on taking the new A+ exams (220-801 and 220-802), you know that they cover an extensive amount of knowledge and will take you some time to prepare. Your best bet is to get a comprehensive book such as the CompTIA A+ Training Kit (Exam 220-801 and […]


Lara Dodo, Regional Vice President, Ontario, Manitoba and Quebec, Robert Half Technology

Robert Half Technology is ideally positioned to provide customers with a wide range of technology staffing solutions for their project, contract-to-hire and full-time staffing needs. InfoSec recently interviewed Lara Dodo, Robert Half Technology’s regional vice president responsible for Ontario, Manitoba and Quebec, about her take on some pressing issues […]

By |December 28th, 2012|Interviews|0 Comments

The cyber attacks on Saudi Aramco, RasGas, and U.S. banks in the context of international law

Introduction

When it was created, the Internet was launched as a classified military experiment, but nowadays it is a widely used tool that has a multitude of purposes. Recent cyber attacks on Saudi Arabia’s state oil company Saudi Aramco, the Qatari gas firm RasGas, and denial-of-service attacks on some major […]

By |December 26th, 2012|Other|0 Comments

Q&A: Interview with an IT Security Analyst

(Rebecca Turner is an IT security analyst, employed by a leading global services provider. Rebecca began her career in IT as a helpdesk technician and has advanced through a number of roles. She has considerable experience as a field engineer, and also as a systems administrator.)

Q: I see […]

By |December 24th, 2012|Interviews|3 Comments

Handy Devices Revolution: Handy Pentesting and Hacking Part III

And now is the time for the third article of the Handy Devices Revolution series! In the second article we talked about Arduino and Power Pwn; this time we will talk about a microcontroller from Texas Instruments, minicomputers, developmental boards, and simple boards that can be converted into a […]

By |December 24th, 2012|Hacking|1 Comment

Cyberterrorism Defined (as distinct from “Cybercrime”)

Introduction

Technology has been developing at an extremely vigorous pace over the last couple of decades. There are many unknown terms that come along with this rapid change. Often, the common people are not familiar with these new strange words ensuing from technological advancements and their interaction with the other branches […]

Mobile Security – Basic Challenges

“Data stored on the device is worth more than the device”

Introduction

The above quote might well apply to desktops and laptops as well. But it’s much more probable that your mobile device might be used by someone or lost, compared to your laptop or desktop. This fact changes the […]

By |December 21st, 2012|General Security|1 Comment

How to Filter User Input: An Overview

If you make web sites, online apps, or even just your own personal blog, chances are that you’ve heard the phrase “Don’t trust user input!” This is one of the key security concepts about the Internet, and the failure of web developers to adhere to this principle is the […]

By |December 21st, 2012|Other|0 Comments

IT Continuity Planning

Today most organizations have committed resources, developed policies, procedures, and tools, and set their organization and IT infrastructure to maintain their critical business process (Business Continuity Plan) and recover to their normal activities (Disaster Recovery Plan) as quickly as possible during unforeseen circumstances and major outages.

Having a plan for […]


Can Festive Fraudsters Make Money on the Internet Before Christmas?

Pre-Christmas fever has slowly embraced us all. Everyone was happy to give donations to charitable organizations or throw a few dollars to help some children. But there are some people who spoil the atmosphere of Christmas: the festive fraudsters. They promote fake fundraisers and seek donations for their own […]


Transfer mechanisms of personal data from EU to third countries

This article explains the concept of transferring personal data from the EU to third countries, what those third countries mean, the principles for making such transfers legitimate and the derogations from these principles, and last but not least, the transfer mechanisms of personal data to third countries.

I. Transfer of personal […]

By |December 19th, 2012|Other|0 Comments

Reverse-Engineering Arrays

Introduction

Whenever we would like to reverse-engineer a function, we need to know exactly how the function is being called: its calling convention, number of parameters, parameter types, parameter values, etc.

After IDA analyzes the program, it will create comments for known parameters being passed to known functions. The function […]

Nine Wishes for Your PHP Applications

When it comes to PHP, some 99% of amateur sites and 60-70% of all sites use the professional scripting language called PHP. But is it safe to use PHP? Does the implementation of the language not have any gaps that are critical to the operation of our applications? Remember […]

Reverse Engineering Structures

Introduction

In this part of the tutorial, we’ll take a look at how we can figure out a structure when reverse engineering a binary. First, we must write a C++ program that declares and uses the structure, so that we’ll be able to reverse engineer it. The basic difference between […]

How to Safely and Wisely use jQuery: Several Key Issues

At the beginning of this article, I want to thank all those without whom this article would not exist. For starters, I’d like to thank Izabela Galazewska. You are a wonderful woman, and without your compassion towards me, there would be no article nor would I have a project. […]

Physical Security: Managing the Intruder

No information security guide is complete without a chapter about securing physical access to information resources. After all, physical access gives even the moderately skilled attacker access to the network, unencrypted workstations and servers, and hardcopy information just waiting for someone to come by and pick it up. Have […]

Virtualization Security

ABSTRACT

Virtualization has made a huge impact in a very short time in the IT and networking worlds and has already provided huge cost savings and returns on investments for data centers, enterprises and the Cloud. What seems to be less substantial and lagging is the understanding of virtualization […]


Differences in Copyright Enforcement between the U.S. and China

Introduction

China and the U.S. have signed the Berne Convention and the Agreement on Trade Related Aspects of Intellectual Property Rights (TRIPS Agreement). These two agreements set minimum standards for copyright regulation. Under these agreements, creators are granted “automatic” rights to any work they produce. Consequently, the creators receive copyright […]

By |December 17th, 2012|Other|0 Comments