Tuesday | 23 March, 2010
CSO

Application Security: Opinions

Opinions
  • +

    The Myth of Cloud Computing 04/12/2008 08:25:00

    Why the rapid spread of virtual technology is becoming a security risk
    Why the rapid spread of virtual technology is becoming a security risk.
  • +

    Cutting Through the Spin of Recent Vulnerability Disclosures 13/10/2008 11:53:00

    The FUD surrounding the ClickJacking and TCP/IP vulnerabilities has the world seemingly frozen in fear. But once you cut through the spin, the vulnerabilities aren't all that they were made out to be.
    There are a few highly publicised vulnerabilities at the moment which haven't completely been disclosed and which, it is claimed, could threaten the whole Internet as-we-know-it. Only, when the vulnerabilities are finally disclosed, it seems that the whole incident has been somewhat Chicken Little.
  • +

    Are we about to witness a real OS X virus? 24/07/2008 14:27:59

    Intego might have stumbled across an OS X specific virus being offered for auction that targets a previously unknown ZIP archive vulnerability.
    Mac antivirus maker, Intego, have published an interesting alert about a potential OS X virus that an enterprising individual is trying to sell through auction. With absolutely no technical information to go on, the antivirus maker is treating the announcement with caution.
  • +

    Hacking tools: A new version of BackTrack helps ethical hackers 30/06/2008 10:57:21

    BackTrack is the quickest way to get access to hundreds of (legal) hacking tools
    Version 3.0 of BackTrack has been released. BackTrack is a Linux-based distribution dedicated to penetration testing or hacking (depending on how you look at it). It contains more than 300 of the world's most popular open source or freely distributable hacking tools.
  • +

    A resurgent Denial of Service threat emerges 11/06/2008 19:12:24

    Something new might be emerging from the underground.
    A less known part of the recent ARP attack against H D Moore's MetaSploit site was an attempted Denial of Service attack that coincided with the successful ARP attack.
  • +

    Zero-second exploits 06/05/2008 12:04:48

    The number of days between a vendor patch being released and the malware exploit being announced has shrunk
    Microsoft SQL server hasn't had a public vulnerability announcement since 2004. The SQL Slammer worm struck in 2005, but the hole the worm exploited had been patched six months before. The holes that MS-Blaster and Code Red worm attacked had been patched, too. But back just a few years ago, no one really cared about patching really. We just didn't patch.
  • +

    Attackers are thinking outside the box 17/04/2008 11:19:36

    How to predict what the next attack will look like
    In the adversarial environment of information security, new types of attacks emerge constantly. Just recently, a very highly targeted phishing attack against CEOs used the pretext of a federal grand jury subpoena to lure executives to a site hosting malware. Let's face it: Most of the innovation in this industry is on the other side, the "dark" side. We are unfortunately forced to keep reacting to new ingenious attacks every few years.
  • +

    What spooks Microsoft's chief security advisor 27/03/2008 11:12:24

    Application exploits, virtualization security are big concerns
    Microsoft's US general manager/chief security advisor for its National Security Team thinks like a true security professional: In every bit of good news, Bret Arsenault wonders what bad news could be lurking behind it.
  • +

    Code name: Secure software 13/03/2006 14:34:47

    Code writers now occupy the front line in the battleground of software security as the defense shifts from perimeter protection to prevention function that's built in during the application development phase.
Additional Resources
Newsletter Subscription
Sign up for our CSO Online newsletters!
RSS Feeds
Polls

Is your company prepared for a cyber attack?

Yes
No
View Results
 
Whitepaper

Making the move to Ethernet | A DECISION GUIDE

While enterprises today need higher bandwidth, there is increasing demand for solutions that can provide scalability, performance, simplicity and control at lower costs. Get the best of both worlds - read about Ethernet adoption today.

Sponsored Links