On Wednesday July 28th, Microsoft contacted MAPPs partners, of which Razor Consulting, Inc is a member, to inform us of a new vulnerability in the parsing of .lnk files, known as Windows Shortcut Files. Symantec coders were on top of it on the 16th. Continue reading »
In most organizations, the only method of authentication by which users identify themselves to computer systems is the password. The concept of passwords has been around for decades and, while not perfect, it’s cheap to establish and easy to support. Continue reading »
Most people assume that the typical cracker rarely ventures onto the premises of the company whose systems he wishes to attack. He prefers instead the anonymity of the internet and the freedom that it gives him to attack targets all over the world regardless of time zones. Consequently, most companies put all their IT security effort into protecting their servers from internet-based attack and fail to give adequate consideration to the activities that a cracker could carry out in person. Such neglect is at best unwise and at worst highly dangerous. Continue reading »
There’s only one way to discover the true state of your company’s IT security, and that’s to try breaking it. It’s possible to do this yourself using automated software products which try to mimic the behaviour of a typical hacker, and such products will be discussed later in this chapter. But the best way to discover the full truth about the state of your security is to undergo a penetration test by a licensed and bonded security professional. Continue reading »
Defeating crackers requires many different techniques. You can use encryption to protect confidential files, or user names and passwords to guard a private Web site. Continue reading »
Every company needs a formal written document which spells out to staff precisely what they are allowed to use the company’s systems for, what is prohibited, and what will happen to them if they break the rules. Continue reading »
here are two types of computer cookies: temporary and permanent. Temporary cookies, also called session cookies, are stored temporarily in your browser's memory and are deleted as soon as you end the session by closing the browser. Continue reading »
As many people are already aware, McAfee released DAT 5958 today. This DAT contained a fault, which caused issues in hosts running Windows XP SP3. Continue reading »