02/2012 HAKIN9 MAGAZINE: 50TH ISSUE

BRIEF
By Armando Romeo, eLearnSecurity and ID Theft Protect
As usual specialists from companies eLearn Security and ID Theft protect will share with us latest news from IT security world. Read it to up-date yourself.

When I’m x64: Bootkit Threat Evolution in 2011
By Aleksandr Matrosov, Eugene Rodionov
It’s traditional in security (almost considered compulsory in PR circles) at the end of each year to offer a retrospective view of security-related events in the past 12 months and predictions of likely trends in the threat/anti-threat landscape for the upcoming year.

iPhone Forensics on iOS 5
By Satish Bommisetty
Mobile device forensics is a branch of digital forensics relating to recovery of digital evidence or data from a mobile device under forensically sound conditions. The use of phones in crime was widely recognised for many years, but the forensic study of mobile devices is changing every day because of new technologies and advanced mobile operating systems. In this article we will learn about iPhone forensics and the technical procedures & challenges involved in extracting data and artefacts from a live iPhone and iPhone backups.
Striping SSL Encryption
By Praful Agarwal and Sulabh Jain
HTTPs is not an unknown terminology. Hyper Text Transfer Protocol Secure (HTTPS) is a secure version of the Hyper Text Transfer Protocol (HTTP) which is a combination of HTTP with SSL (Secure Socket Layer)/TLS (Transport Layer Security)

CAPTCHAs, What They Are and How To Use Them
By Federico “Glamis” Filacchione

You’ve of course always used them. They’re those strange letters and numbers below pretty every registration form that exist on the Internet. CAPTCHAs are everywhere, sure, but are they useful? Are they secure? Are they accessible? We’ll look at how they’re implemented, we’ll try to debunk some myth related to them and understand how you can use CAPTCHAs on you web application, and be safe and sound.

Performing a History Injection Against the Chrome Web Browser
By Christopher M. Frenz

Over the course of the last couple of decades computers have arisen to a position of prominence across many aspects of people’s personal and business life. The chrome history files are actually simple to view and interact with in that they are SQLite databases and can be readily viewed with programs such as the SQLite Database Browser (https://sqlitebrowser.sourceforge.net/).

Smart Meters Dumb Regulators
By Drake

Smart metering is the one of the hottest topics in the Energy and Utilities sector in Europe and North America.

Iptables
By Hamidreza Mohebali

Network security is a primary consideration in any decision to host a website as the threats are becoming more widespread and persistent every day. One means of providing additional protection is to invest in a firewall.

Interview with Richard Johnson
By Aby Rao

Richard Johnson is a computer security specialist who spends his time playing in the realm of software vulnerability analysis. Richard currently fills the role of principal research engineer on Sourcefire’s Vulnerability Research Team, offering 10 years of expertise in the software security industry. Current responsibilities include research on exploitation technologies and automation of the vulnerability triage and discovery process.