November 2005 | Archive by Month |

November 2005

  • VLAN hopping (virtual local area network hopping)

    VLAN hopping (virtual local area network hopping) is a method of attacking a network by sending packets to a port at a network end point that is not normally accessible to the sender.

  • New algorithm promises to secure P2P content

    Three cryptographers have developed a secure P2P content distribution method without creating bottlenecks, and it could prove to be a significant breakthrough in the encryption arena.

  • Apple patches 13 flaws in Mac OS X

    Attackers could gain unauthorized system access, compromise sensitive data and launch malcode by exploiting a series of security holes in Mac OS X. But patches are available.

  • Cisco patches Security Agent flaw

    The networking giant warned in an advisory Tuesday that local users could exploit a hole in its threat protection software.

  • How to tame Google Desktop

    Although not classified as spyware, if left unmanaged and unmonitored desktop search engines, like Google Desktop, can introduce serious security concerns. This tip examines these risks and explain...

  • Sun fixes multiple Java flaws

    Attackers could exploit flaws in the Java Runtime Environment and Management Extensions to read and write local files or execute applications.

  • Opera: Another contender in the browser wars

    Opera Software removed the ad banners and dropped the licensing fees from its browser, making Opera a viable alternative to Internet Explorer. Learn how Opera compares to Firefox in terms of securi...

  • Zotob

    Zotob is a computer worm used by an attacker to gather personal and financial information from computers running Microsoft Windows that have a buffer overflow vulnerability. Zotob, which has severa...

  • Binary over JPEG

    In this Ask the Expert Q&A, Michael Cobb explains what "binary over JPEG" is and how hackers use this mechanism to exploit system vulnerabilites.

  • How an attacker cracks a symmetric key-based system

    Learn how an attacker cracks a symmetric key-based system.

  • PING with Desiree Beck

  • Verifying legitimate help desk requests

    Learn how to to defeat social engineers and measures help desk staff should take to protect the network after password resets.

  • Busted: The inside story of 'Operation Firewall'

    A trial attorney with the Department of Justice offers an inside look at Operation Firewall, the 18-month investigation that nabbed a network of thieves responsible for 1.7 million credit card thefts.

  • How IPsec and SSL/TLS use symmetric and asymmetric encryption

    In this Ask the Expert Q&A, our identity and access management expert explains how IPsec and SSL/TLS use these two authentication methods to establish secure Web sessions.

  • How Kerberos, PKI and IPsec interoperate

    In this Ask the Expert Q&A, our identity and access management expert explains how these three unrelated systems interoperate to authenticate and manage digital certificates.

  • More from SearchSecurity -- December 2005

    Highlights from the December 2005 issue of Information Security magazine.

  • How different DBMSes implement Internet database security

    Learn what it takes to achieve comprehensive DBMS security, in this application security Ask the Expert Q&A.

  • A Sobering return from the holiday weekend

    AV firms are eyeing several new threats, including a Sober variant now responsible for one out of every 14 e-mails on the Net. This as many users fire up PCs after a four-day holiday break.

  • Securing e-mail exchanges

    In this Ask the Expert Q&A, Michael Cobb examines how using S/MIME and various encryption methods can help solve your confidentiality, authenticity, non-repudiation, unsecured backup and other e-ma...

  • Don't believe the VoIP security hype

    The VoIP Security Alliance recently created a "Threat Taxonomy" outlining threats, and vendors are flooding the market with security products. What should companies be afraid of?