The majority of companies out there today are trying their best to use the power of social media and its large user base to their advantage. If your company is utilizing social media websites chances are your employees are allowed to use sites on company time and using company assets.  Unfortunately employees inadvertently and occasionally [...]

When it comes to network security there are a lot of choices as to what software you actually use. You can apply firewalls, antivirus software, internet access controls and network scanners. Seeing where the network scanner fits into this security puzzle can be a little difficult. However, a network scanner can actually perform a multitude [...]

7 Reasons to Use a Network Scanner Two pieces of advice I was given long ago by a security guru are “Know your enemy” and “Know yourself”. ‘Your enemy’ is the malicious attacker who is scanning your network for vulnerabilities, and you ‘yourself’ can use the same tools the enemy does. A network scanner is [...]

How to Deploy Patch Management Keeping up with patches is one of the most important things you can do to protect your company from security issues. But if you are staying up late on a Saturday night, logging on to server after server to patch by hand, and sending out emails to users instructing them [...]

Richard Johnson is a computer security specialist who spends his time playing in the realm of software vulnerability analysis. Richard currently fills the role of principal research engineer on Sourcefire’s Vulnerability Research Team, offering 10 years of expertise in the software security industry. Current responsibilities include research on exploitation technologies and automation of the vulnerability [...]

Company Profile Introduction The idea of Kyrion Digital Securities was born in 2009. It is a brainchild of an IIT Delhi Alumni. There was an acute shortage of trained security experts and a dearth of information security solutions in the market, which meant the industry was forced to heavily invest in foreign security solutions and [...]

READ THE WHOLE INTERVIEW! The early Network Access Control (NAC) market did see a lot of consolidation and failures. Early vendors promised more than they delivered in terms of functionality and deployment ease. Many of those products required managing different components and replacing infrastructure, with results sometimes disrupting users from doing work. So the cost [...]

Considering the wide range of malicious content threatening your users, implementing strong web security within the organization is a crucial part of any defense-in-depth strategy. Web security doesn’t have to mean blocking your users’ access to the Internet, but it does mean protecting them from the types of threats they will encounter every day. Here’s [...]

I’m sure I’m not the only one that is tired of booting up a Windows machine or VM whenever you want to rip a disc. Ripping in Linux is still a little cumbersome and usually there is about a 50/50 chance it will work out nicely, so Windows is what most folks use to rip. [...]

READ THE WHOLE ARTICLE This month’s article focuses on Apple technology hacking that has been identified thus far in 2011. Here you will find a compilation of some high profile media reports and research from the Web on the hacking of Apple technology. There are two sections – Mac OS X and iOS (iPad; iPod [...]

READ THE WHOLE ARTICLE by Dhawal Desai Over the time security space has seen a number of versions and variants of banking malware. With the increase in popularity and usage of smart phones, mobile attacks are becoming more frequent. Android platforms have been one of the most favorite targets of malware writers. To read the [...]

READ THE WHOLE ARTICLE DLL Injection is a popular technique used by attackers to inject an executable file in order to perform a controlled code execution. Several  methods for preventing this has been developed by Operating System’s  creators, but (as we will see) without 100% success. The author presents two methods of a successful attack [...]

READ THE WHOLE ARTICLE! There are practical techniques to securing app code – the first involves limiting privileges to a set of operations – this is known as sandboxing. The second technique involves identifying executables as they enter the trusted domain – aka firewall approach – do you want the app to run and how [...]

READ THE WHOLE ARTICLE Like in many other emerging technologies, security threats can target the unprotected wireless channel used between RFID readers and tags to exchange information. We present a practical eavesdropping attack to capture control data exchanged between a standard EPC Gen2 reader and a series of EPC Gen2 tags. We assume that the attacker [...]

READ THE WHOLE ARTICLE Cybercrime is becoming a growing threat to society. The thefts of information, crashing a website or manipulating online payment traffic are also increasing. Many organizations offer various services in the battle against digital crime, such as network or data monitors and extractions tools. It is interesting mainly to authorities and financial [...]

READ THE WHOLE INTERVIEW I think Bitcoin really needs Bitbills in order to succeed. Wherever people are using bitcoins, I’d anticipate seeing Bitbills in the same ecosystem. – says Doug Feigelson from Bitbills developers team in the interview given to Hakin9. by Aby Rao  

READ THE WHOLE ARTICLE! RFID when first introduced years ago convinced many that it would be the way of the future. Inventory systems would be smarter, tracking things and even people would be simpler. One could simply walk into a store, pick up their items they needed and walk out comforted by the thought that [...]

READ THE WHOLE ARTICLE! Your identity is a valuable commodity. You need it to function in everyday life. You need evidence of who you are to open bank accounts, obtain credit cards, finance, loans and mortgages, to obtain goods or services, or to claim benefits. But you may not be the only person using your [...]

READ THE WHOLE INTERVIEW! Itzik Kotler brings more than ten years of technical experience in the software, telecommunications and security industries. Early in his career, Itzik worked at several start-up companies as a Security Researcher. Prior to joining Security Art, Itzik worked for Radware (NASDQ: RDWR), where he managed the Security Operation Center (SOC), a [...]

BROADBAND-TESTING  REVIEW BLUECOAT PROXYSG SECURITY APPLIANCE INTRODUCTION: COMBINING THE PHYSICAL SECURITY APPLIANCE AND THE CLOUD For many users, the idea of jumping into the void that is seen by many as pure cloud-based security is currently one step too far. The reassurance of a physical appliance, controlled and managed in-house is still, for many companies, [...]