Search results

Why phishing works There are many ways to take advantage of a user’s trust There are numerous reasons why phishing works so well, starting with the ability of the scammers to play mind tricks on victims, in order to lure them into trouble. Phishers can use tempting offers, like complimentary...

Indeed, attacks on Web applications and on the application layer in general are plentiful. Protecting against these types of attacks is particularly challenging since many are zero-day exploits caused by software bugs or Web server misconfiguration. Application security is a complex problem. You...

An attacker will first attempt to gain access to the device by exploiting a vulnerability or by tricking the user into installing malware. If successful, the attacker would have gained access with the privilege of the exploited program or of a normal app in the case of a malware install. While...

“The Dyre Wolf” by IBM Security researchers, shows a brazen twist from the once-simple Dyre malware by adding sophisticated social engineering tactics likely to circumvent two-factor authentication. In recent incidents, organizations have lost between $500,000 and $1.5 million to attackers...

We are going consider how to delete flash cookies and keep our PCs out of reach of some prying websites.When you watch videos on the internet, Adobe Flash Player stores cookies on your computer. These Flash Cookies or Local Shared Objects (LSOs) may be desirable as they are able to transfer...

What is a proxy and what types of proxies exist? A proxy is nothing more than a tool allocated to act as an intermediary in communications. Depending on what type of proxy is used, it may be possible to identify the information sent by the user—and this may be recorded on some kind of equipment...

The first thing I would recommend to folks looking to get into this industry is to take some classes on Information Security. You can do that in a school setting, or you can get education in the form of a training program, or as part of a conference depending on how comfortable you are with...

Contact customer service If the hack is of Facebook, Twitter or another online service provider, you should contact their customer service teams as soon as possible. These companies, especially in the social networking space, are getting better at cracking down on stolen accounts and even have...

A portion of customer data from much-respected anti-virus firm BitDefender has leaked online and, according to the hacker who took the data and tried to extort the firm, usernames and passwords were not encrypted. The perpetrator told FORBES all the data he stole was unencrypted. Usernames and...

These are some of the biggest computer hacks of the past five years. 1. Adobe (October 2013) Number of people affected: 150 million Information stolen: Email addresses and passwords for 150 million users, according to security vendor Sophos, as well as credit card data for 2.9 million users. A...

Criminals seek out these systems because they know that’s where they can gain access to a large number of records of customer data, specifically credit and debit card information. Here are two common attack vectors and some details on what can be done to keep such systems mostly immune from...

Never in my wildest dreams did I expect that blog to be tweeted, posted to LinkedIn, shared on Facebook or emailed as much as it has been since the initial publication date. I’m truly grateful for the interest in the topic and for the support in getting our valuable mobile application security...

Securing Web applications is not just a matter of writing secure code. Organizations large and small must establish a well-defined application security testing program that includes their entire application portfolio. This program must touch on various areas including education, threat modeling...