Blog Posts Tagged with "HTTP Security"

C6dd57cb9806eadc9f7915a90d91aa92

Forensics for Network, Internet, and Cloud Computing

September 06, 2011 Added by:Tony Campbell

A number of chapters had a very long and complete reference section, while a few chapters had no reference section at all, yet it was obvious that they required a reference section. And poor screenshots and lack of references seems like laziness on behalf of the author and publisher...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Web Application Security "White Elephants"

March 20, 2011 Added by:Rafal Los

We were both talking about things that aren't necessarily new to the security or app-dev community, but aren't being actively addressed. It hit me that there were two big white elephants in the room, and we happened to be talking about them in an open forum.. Finally...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Cross-Site Scripting in the Wild Exploiting Your Droid

March 16, 2011 Added by:Rafal Los

You've got mobile devices now like the iPhone, the 'Droids, the RIM devices, Windows7 handsets and of course WebOS-based devices too. Guess where all the 'apps' and updates come from? Guess what the #1 used transport protocol is on those devices? HTTP...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Mobile Device Security Challenges

February 23, 2011 Added by:Danny Lieberman

Deploying line of business or life science applications on mobile Android tablets or an iPad has a different set of security requirements than backing up your address book. It requires thinking about the software security and privacy vulnerabilities in a systematic way...

Comments  (1)

959779642e6e758563e80b5d83150a9f

Securing Web Services in the Cloud

January 28, 2011 Added by:Danny Lieberman

Once a security breach is detected, being able to shut down systems and reject traffic from specific sources is important. A DLP system provides real-time detection, forensics recording and the ability to drop traffic from specific IP source addresses in order to properly mitigate the threat...

Comments  (0)

D8853ae281be8cfdfa18ab73608e8c3f

Project Honeypot HTTP Blocklist Module

December 29, 2010 Added by:Rob Fuller

Project Honeypot does an amazing job at keeping detailed information on scanners / harvesters and brute forcers, the likes of which are the daily enemy of said admins. They offer a service called HTTP Block List or 'HTTP:BL'...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

The FireSheep Dilemma - Encrypt Everything?

November 09, 2010 Added by:Rafal Los

If the release of FireSheep has done nothing else - it has certainly demonstrated to people that HTTPS (encryption) is necessary well beyond the login page. Sounds easy enough right? Just "SSL the whole site"? Actually, no. It's not that simple...

Comments  (5)

7fef78c47060974e0b8392e305f0daf0

Are you running a WordPress Blog? Update it today

August 12, 2009 Added by:Infosec Island Admin

Another security release for Wordpress was released yesterday (version 2.8.4) which patches a rather annoying security flaw discovered with all prior versions. By sending a specially crafted URL as an unauthenticated user to your WP blog, and attacker can essential reset your admin password and lock you out of your blog.

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Federal Web sites knocked out by cyber attack

July 08, 2009 Added by:Infosec Island Admin

According to an article by the Assoiated Press, and subsequently the Washington Post, several Government agencies in the US and South Korea were under attack by roughly 60,000 infected PCs across the globe.

Comments  (0)