A honey pot is a computer system that is expressly set up to attract and trap an attacker who is attempting to compromise the information systems in an organization. Honeypots can also analyze the ways in which attackers try to compromise an information system, providing valuable insight into potential […]
The cloud is expanding. More applications are being run online. More data is being stored online. More businesses are relying on public, private, and hybrid clouds for their apps, records, and backups. And more hackers are taking advantage.
Why Security Breaches Happen in the Cloud
Hackers aren’t attacking the cloud; the […]
In this article we will learn about one of the most important features introduced by Microsoft from the perspective of network access protection (NAP). We will also cover all the main concepts surrounding NAP and various design scenarios and best practices.
Network Access Protection (NAP) is a platform to check […]
1. IntroductionCreating a backup procedure is a very important aspect for a company, because a loss of data can result in great damage to the company, possibly even a company going bankrupt. Proper backup mechanisms are usually not in place or are poorly designed, which becomes evident once it’s […]
Security experts at Trend Micro have recently uncovered a hacking campaign dubbed “Operation Emmental” which targeted Swiss bank accounts with a multi-faceted attack.
Bad actors were able to bypass the two-factor authentication mechanism used by the bank to secure its customers’ accounts. The researchers at TrendMicro coded the campaign […]
Cyber insurance coverage has been available on the market for a decade, but only recently companies have been seeing a significant growth—sales of cyber insurance in 2013 escalated 30 percent in comparison with 2012, according to the Global Head of Professional Liability for AIG Tracie Grella.
Now cyber insurance is […]
Cloud computing is changing the way we interact with devices, software, data and processes. But some things never change, and one thing that remains true across the old and new computing paradigms is the importance of authentication to confirm the identity of the user and/or system with which we’re […]
At the beginning of this year, an Intermap poll found that cloud security is still a major obstacle to cloud adoption, with 40% of respondents still wary of going to the cloud for that reason, although many experts, such as the panel at the most recent RSA Conference, say […]
In the previous article, we had already configured the Mod-Security Firewall with OWASP Core Rule Set (CRS). But installing and configuring the Mod Security alone is not enough, as we are using the standard OWASP Core Rule set. The common problem with standard OWASP (CRS) is that it gives […]
Canadian Chinese Embassy spokesperson Yang Yundong can’t pull the wool over my eyes.
“The Chinese government has always been firmly opposed to and combated cyber attacks in accordance with the law. In fact, China is a major victim of cyber attacks,” he said on July 29th.
Mr. Yundong released that statement […]
When a cookie has secure flag set, it will only be sent over secure HTTPS, which is HTTP over SSL/TLS. This way, the authentication cookie will not be disclosed in insecure communication (HTTP). It turns out, however, that an insecure HTTP response can overwrite a cookie with secure flag […]
Tor is the acronym of “The onion router”, a system implemented to preserve online anonymity. Tor client software routes Internet traffic through a worldwide volunteer network of servers that hide user information, eluding surveillance of government and other bad actors.
The Tor project was born in the military sector, sponsored […]
Voice over Internet Protocol (VoIP) is a methodology and group of technologies for the delivery of voice communications and multimedia sessions over Internet Protocol (IP) networks, such as the Internet. VoIP communication has reduced the cost of international calls dramatically allowing people to dial ISD calls with a cheaper […]
The number of employees using their personal devices for work-related purposes is absurd. Let’s just say there’s an employee or two in every organization using personal devices at work, and be done with it.
Maybe that’s true… maybe it isn’t. The point is – and most of us know it […]
Network Administration is a field that has an enormous amount of responsibility associated with it. Despite the fact that it sounds like a relatively straightforward concept at the outset – keep the systems talking to each other- that simple phrase covers a multitude of different compatibility issues, operating systems, […]
Have New Backdoors Been Discovered in iOS? An Interview With iOS Developer and Digital Forensics Expert Jonathan Zdziarski
When the HOPE X (Hackers On Planet Earth) 2014 convention started on July 18th, one particular presentation caught the undivided attention of information security professionals. Ever since, the tech media’s been buzzing… Are there really newly discovered backdoors in iOS’s code? Is Apple spying on the countless millions of […]
Cloud computing has really changed how organizations operate and store their data. Cloud computing attracts big organizations with tags such as huge savings on cap-ex, op-ex, on-demand, and availability. These are all valid and good features, but the cloud actually comes inherent with a lot of security concerns. One […]
Libemu is a library which can be used for x86 emulation and shellcode detection. Libemu can be used in IDS/IPS/Honeypot systems for emulating the x86 shellcode, which can be further processed to detect malicious behavior. It can also be used together with Wireshark to pull shellcode off the wire […]
It is estimated that today approximately three-quarters of the human population has a mobile phone. Crowdsensing, a new business model, allows this large number of mobile phones to be used not only for exchanging information between their users, but also for activities that may have a huge societal […]