by Raul Siles, GSE Introduction The huge adoption of wireless technologies over recent years has placed wireless data (or Wi-Fi) networks, based on the 802.11 specifications, as one of the major attack vectors for organizations nowadays. ...

by Mikhael Felker Introduction and review of part one This article presents an analysis of the security mechanisms, risks, attacks, and defenses of the two most commonly used password management systems: those found in Internet Explorer and ...

by Mikhael Felker 1. Introduction This two-part paper presents an analysis of the security mechanisms, risks, attacks, and defenses of the two most commonly used password management systems for web browsers, found in Internet Explorer and ...

by Shreeraj Shah Introduction Web 2.0 applications are a combination of several technologies such as Asynchronous JavaScript and XML (AJAX), Flash, JavaScript Object Notation (JSON), Simple Object Access Protocol (SOAP), Representational ...

by Jamie Riden Introduction In the past few years, a number of serious flaws in Windows have been exposed, including MS03-026 [ ref 1 ], the flaw that Blaster [ ref 2 ] used to spread in 2003, right up to the recent Mocbot/Wargbot worm [ ref ...

by Shreeraj Shah Introduction AJAX and interactive web services form the backbone of “web 2.0” applications. This technological transformation brings about new challenges for security professionals. This article looks at some of the methods, ...

by Elad Efrat 1. Introduction Running on almost twenty different architectures, and easily portable to others, NetBSD gained its reputation as the most portable operating system on the planet. While that may indicate high quality code, the ever ...

by David Maynor Introduction Since our talks at Black Hat Vegas and DEFCON, Jon Ellch and I have been peppered with questions regarding how to find vulnerabilities in wireless device drivers and the specific techniques that were employed. Rather ...

by Christian Seifert Introduction Malicious SSH login attempts have been appearing in some administrators' logs for several years. This article revisits the use of honeypots to analyze malicious SSH login attempts and see what can be learned ...

by Khushbu Jithra 1. Continuing from part one The flood of recent Microsoft Office vulnerabilities has brought forth the need to understand the mechanics of the MS Office security architecture and the possible fault injection points. The first ...