**Critical Microsoft Visual Studio Security Patch**
Tuesday Microsoft is releasing a security patch for Visual Studio and another "moderate"-rated patch for IE for almost all versions. The patches are must-haves for developers who use Visual Studio and for any Internet Explorer users.

**US Faces Tech Security Expert Deficit**
Recent attacks against the United States IT security infrastructure have officials worried that, over the next decade, qualified cyber-security personnel will be at a premium and in short supply. The question is: how does the USA plan to lure and keep top tech talent to secure and protect the national information infrastructure?

**LAN Reconnaissance**
If you're trying to keep your LAN secure, sometimes it helps to think like a cracker. This article shows you how to scout out a LAN, and how malicious hackers get around security. It is excerpted from chapter four of Security Power Tools, written by Bryan Burns et al. (O'Reilly, 2007; ISBN: 0596009631). Copyright © 2007 O'Reilly Media, Inc. All rights reserved. Used with permission from the publisher. Available from booksellers or direct from O'Reilly Media.

**An Epilogue to Cryptography**
This is the last part of a three-part series covering encryption and decryption, with a focus on the algorithms used. If you have missed either the first or second part, I encourage you to check them out before reading this part.

**A Sequel to Cryptography**
This is the second part of a series covering cryptography algorithms. If by any chance you have missed its first part, I urge you to check it out right now. It is called An Introduction to Cryptography. In order to understand this article, it is crucial to grasp the concepts explained in that part.

**An Introduction to Cryptography**
In the last few decades the science and study of cryptography has earned an outstanding reputation due to its insane applicability and efficiency. Cryptography is the science of message secrecy. Its importance is easily explicable -- it is used everywhere: online purchasing, secured money transfers, cellular phones, broadcast of TV channels, emails, confidential data, and so forth. Our life would be quite different without cryptography.

**Security Overview**
When we talk about “security” we know what we want, but describing it and making it happen can be different matters altogether. Network security has a natural conflict with network connectivity. The more an autonomous system opens itself up, the more risk it takes on. This, in turn, requires that more effort be applied to security enforcement tasks. This article is chapter eight of the book, Cisco: A Beginner's Guide, third edition, by Anthony Velte and Toby Velte (McGraw-Hill/Osborne, 2004, ISBN: 0072256354).

**Network Security Assessment**
If you want to run a business with a website, security must be high on your list of important matters to get right up front. In this article, you will learn about Internet-based network security assessment and penetration testing, which can help you determine your website's risk of being successfully attacked -- and what to do to fix any problems. It is taken from chapter one of the book Network Security Assessment by Chris McNab (O'Reilly, 2004; ISBN: 059600611X).

**Firewalls**
If you have ever wondered how to configure and run a secure open source firewall, look no further. This book excerpt is from chapter three of Open Source Security Tools by Tony Howlett, ISBN 0321194438, copyright 2004. All rights reserved. It is reprinted with permission from Addison-Wesley Professional.

**What’s behind the curtain? Part II**
In this second of a three-part series covering threats to computer security, we focus on attacks that are more specifically directed against a particular person or company.

**What’s behind the curtain? Part I**
It's no secret that any computer connected to the Internet faces a wide array of security threats. These days, however, a business needs to be connected to the Internet just to do business. What can you do? Keep reading to learn more about risks you take, and what you can do to protect yourself and your company.

**Vectors**
Many of us who use security products on our computers religiously are bewildered to find that we still get infected with malware. How does this happen? No matter what we do, our computers are constantly in touch with the vectors that carry malicious software. Thomas Greene explains what this means, and what we can do about it.

**PKI: Looking at the Risks**
Public key infrastructure (PKI) is an excellent technology to help users certify that the people or companies they are corresponding with are who they say they are. It has proven itself invaluable in e-commerce among other areas. As with any technology, however, it is not without its own security risks. Eliana Stavrou discusses these risks, and ways to minimize them.

**A Quick Look at Cross Site Scripting**
We may not be able to completely bulletproof our websites, but we can at least try to anticipate possible attacks and secure against them. Here is one you might not have heard of: cross site scripting. With just a bit of JavaScript, a malicious attacker can use it to cause all sorts of problems. To find out more about what it is, and how to prevent your website from becoming a victim, keep reading.

**PKI Architectures: How to Choose One**
In the Internet’s world of insecurities, many actions should be taken to enhance the defense of each and every network. Many solutions exist that provide a level of security, though none is bulletproof. The best approach is to combine a variety of mechanisms that will supplement one another. In this article I will discuss a technology that is considered to be the new trend and a favored option among network implementers: Public Key Infrastructure (PKI).

**Trust, Access Control, and Rights for Web Services, Part 2**
Web services themselves provide a powerful new approach to PKI that prevents each Web service requestor and provider from having to build their own PKI: accessing a trusted PKI as a service. XKMS aims to do just that. This is part 2 of chapter 9 from Securing Web Services with WS-Security, by Rosenberg and Remy (ISBN 0672326515, SAMS, 2004).

**Basic Concepts of Web Services Security**
Today we cover the basics of Web services and information security and the way Web services security builds on existing security technology. This is chapter 1 from Securing Web Services with WS-Security, by Rosenberg and Remy (ISBN 0672326515, Sams, 2004).

**Safeguarding the Identity and Integrity of XML Messages**
XML Signature and XML Encryption, two of the three major pillars of the WS-Security standard, are so predominant in current thinking about Web Services Security that some people mistake them as the only strategy for securing Web services. This is really not the case at all. Read more in this chapter from Securing Web Services with WS-Security, by Rosenberg and Remy (ISBN 0672326515, SAMS, 2004).

**Hacking Your Own Site**
The purpose of this article is not to teach you how to hack sites, but to show you some scenarios that may reveal to you how vulnerable your existing site may be, or will hopefully help you prevent any future sites from having these vulnerabilities.

**Trust, Access Control, and Rights for Web Services Part 1**
Several other important standards are derived from and are complementary to WS-Security; they relate to such fundamental security topics as trust, access control, and rights. In this chapter, we review the family of WS-Security–related technologies. This is part 1 of chapter 9 from Securing Web Services with WS-Security, by Rosenberg and Remy (ISBN 0672326515, Sams, 2004).