by Stephen Barish
In sports, it's pretty much accepted wisdom that home teams have the advantage; that's why teams with winning records on the road do so well in the playoffs. But for some reason we rarely think about "the home field ...
by Nicolas Falliere
This paper classifies and presents several anti-debugging techniques used on Windows NT-based operating systems. Anti-debugging techniques are ways for a program to detect if it runs under control of a debugger. They are used by ...
by Jason Ostrom, John Kindervag
“You can’t access our corporate data network from the IP Phones.”
Testing Protection Controls on a VoIP Network – A Case Study and Method
The Business Risk
Convergence - the ...
by Jamie Riden
The problem of sensitive data being leaked through the re-use of storage media is by now well-documented. This is unfortunately a reasonably common occurrence, as shown by various stories of sensitive media being lost or sold ([1] ...
by Jamie Morris
Introduction
In part one of this series [ref 1] we looked at the different editions of Vista available and discussed the various encryption and backup features which might be of interest to forensic examiners. In this ...
by Jamie Morris
Introduction
While the fundamental principles of computer forensics remain largely unchallenged, the landscape upon which investigators operate is constantly changing. A combination of new technologies and changing habits ...
by Rohit Sethi and Nish Bhalla
Introduction
This article examines the dismal state of application-layer logging as observed from the authors’ years of experience in performing source code security analysis on millions of lines of code. It argues ...
by Tony Bradley, CISSP-ISSAP
This article takes a look at the Windows Integrity Control (WIC) capabilities in Windows Vista by examining how it protects objects such as files and folders on Vista computers, the different levels of protection offered, ...
by Chris Wysopal, Lucas Nelson, et al.
This article is an excerpt from the book, "The Art of Software Security Testing," and focuses on the approach and techniques used to test the security of local applications. It begins by describing ...
by Raul Siles, GSE
Introduction
In part one of this series, we discussed the technical challenges for wireless traffic acquisition and provided design requirements and best practices for wireless forensics tools. In this second ...