M.K. Low

悪質な攻撃への近道 短縮 URL は近年、マイクロブログなど、文字数が制限されているテキストフィールドでスペースを確保する手段として広く使われています。URL によっては多くの文字を使うので、文字数上限を超えたり、テキストが強制改行されたり、Web ページのレンダリング方法に歪みが生じたりする可能性があります。URL 短縮サービスでは、URL を送信すると、特別にコード化された短縮 URL を受け取ることができます。その短縮URL をクリックすると、最初に送信した Web ページにリダイレクトされます。 攻撃者は、実際の URL が表示されないというこのサービスの特徴を悪用

Rogue security software programs, also known as misleading applications or scareware, are programs that pretend to be legitimate security software, such as an antivirus scanner or registry cleaner, but which actually provide the user with little or no protection whatsoever. Well known examples of

Mobile security was a hot issue at the CanSecWest conference, especially with the prolific use of smart phones for both enterprise and personal use. During my commute to work, it seems that everyone on the train is using their smart phone, pushing those little buttons on their little keyboard

A while back I came across an article about a website that tries to reunite lost photos with their owners. People who come across cameras, memory sticks, or photos are asked to upload a few of them onto the site with information such as location, date, or other specific details that may be rec

Recently, during her vacation to visit me, my sister forgot her cell phone and had to use her credit card in a pay phone to call me. Later that day, she tried to use the same credit card to check into her hotel and it was declined. After calling the credit card company, the man on the ph

It is very easy to post your public information onto socialnetworking sites. It took me less than five minutes to create andactivate my account and half an hour to populate the data with mybirthday, my home town, my status, my education, and my likes (puppies)and dislikes (chicken balls with red s

Personal information is very easy to steal.Names, addresses, dates of birth, credit card numbers, social securitynumbers - they’re all easy to find using the Internet. Once thatinformation is in the hands of criminals, it’s very easy for them touse. They can wipe out your bank account, run up y

There’s been a lot of coverage on the FBI Bot Roast II campaign where they released information about eight suspects who have beenindicted for conducting criminal botnet activity. Bot herder suspectsfrom across the United States have been linked to criminal activitiessuch as DDoS attacks, co

When I logged into my online banking Website last week, the login screen was different than what I was used to.My first reaction was that I had been hacked and the site was a spoof(a consequence of working in this field). Once I realized that it wasin fact the genuine login screen, I proceeded

Some people are very willing to give uppersonal information and most aren’t aware how much they are revealing.From social networking sites to personal Web pages to email, strangersnow have access to more personal information than ever before. Look atany person’s page on a social networking site