Application vulnerability is caused when a developer fails to sanitize the input from user and blindly uses it as an input for further data processing. One of the major parts of an application development is to validate user input data and pass it through proper sanitization and escaping.
What is […]
On September 9th, during Apple’s iPhone press event, the corporation announced a few new products, of which you’re probably already aware of. Two new iPhones to catch up with innovations that debuted with high end Android smartphones (such as the “phablet” form factor), an Apple Watch (surprisingly not called […]
The cloud has been around for some time now and is still gaining popularity in every day operations of IT companies. I’ve seen different companies with operational models 90% based on cloud services, where the rest of the 10% is constituted of in-house servers. The basic response after asking […]
Every day, our digital identity is menaced by several cyber threats that are becoming even more sophisticated. Every year, data breaches expose million of records that are used by cyber criminals for illegal activities. Particular attention is given to medical records, a specific type of data that is attracting […]
CAPTCHA has been implemented for decades to prevent automated scripts (Bots) from jamming registration or login pages. Even though tons of tools and research have exposed its weakness with the ability to reverse the image into plain text, plenty of insecure images are still out there being used on […]
In this article, we will learn how sensitive cryptographic key material can be taken away from DRAMs, which are used in most modern operating systems through an attack known as cold boot attack.
Though it is believed by many that a computer’s memory gets erased as soon it loses power […]
- Ge! Stop! What’s Segmentation?
The 80186 is a faster version of the 8086. It also has a 20-bit address bus and 16-bit data bus, but has an improved instruction set. The 80186 was never widely used in computer systems.
The real successor to the 8086 is the 80286, which […]
According to the technology market intelligence company “ABI Research”, there are currently more than 10 billion wirelessly connected devices. In 2030, the number of these devices will reach 30 billion. Some of these 30 billion will fall within the category of sleep-tracking devices.
A clear indication for the potential […]
Every organization should follow a proactive rather than a reactive approach to protect against threats, risks and vulnerabilities, to which if their IT infrastructure is exposed can lead to data loss, regulatory penalties, and lawsuits and damaged reputation. Moving on the same lines, to reduce the credit card fraud […]
Cycbot is a malware that spreads using instant messaging and removable drives and contains backdoor functionality that allows unauthorized access to an affected computer.
When Cycbot malware is executed, it drops several malicious files in the Appdata folder of the victim machines, and then it tries to contact a malicious […]
If you haven’t seen the Skillset exam prep engine, it is worth checking out. It is a better way to assess your knowledge and improve your readiness to sit for a number of certifications. Skillset offers tens of thousands of free test questions, currently for the CISSP, CEH and […]
JPMorgan Chase is the largest bank in the United States, with total assets of over $2.5 trillion. They reportedly spend about $250 million per year on technical security, or one dollar for every $10,000 they have in assets. They also employ more information security professionals than Google does, about […]
Clickjacking was first publicized by Jeremiah Grossman and Robert “Rsnake” Hansen in 2008. Clickjacking is an attack that is possible only by the use of iframes. Iframes are the HTML components that are used to load a webpage in a frame. Their height and width can be set to […]
There are very few things in the IT realm that cover as much territory as databases. Before the web, and more specifically before the advent of dynamic programming languages, these immense collections of data were the exclusive territory of the deep down programmers — rulers of their vast domain […]
The Domain Name Service (DNS) is an integral part of Internet access. It translates human-recognized domain names into computer-readable IP addresses in order to facilitate online communication and connection between devices.
Occasionally, an individual or enterprise needs to find a way to control certain aspects of Internet connections in order […]
From our experience in the cloud, layers of security are best
Cloud computing infrastructure is elastic, scalable, highly available, and accessible – but is it safe? The undisputed largest barrier to business cloud migration is security. From the 2014 survey of the ODCA’s large enterprise members, 67% of respondents reported […]
I made it back from DEFCON with both my phone and tablet intact, but I’m happy I didn’t bring a light bulb. You see, if had brought a light bulb, and that light bulb was a smart LED bulb running Linux, it might be running someone else’s software by […]
Bacula was specifically designed for backup jobs in a server environment, where servers have IP addresses that don’t change regularly and are always up and running. Mobile devices usually connect to the network by using a cable (when an employee comes to the office) or through a VPN (when […]
How many times did your work colleague or a friend of yours find a USB cable from your PC/Laptop and attach his Android phone to recharge its battery? Have you ever thought that your private data (images, sounds, videos, text notes) may get transferred behind the scenes without you […]
As mentioned before, an identity management implementation project will often extend 18-36 months based on the size and complexity of the organization. This is an extraordinary amount of time for any project sponsor to maintain passion around the project. The answer is iterations of value statements which deliver […]