• Sort by
  • Date
  • Relevance
LATEST ARTICLES
 
No such post found: d09752f8fe2d95bb3497796fe81a3345
 
Expand article

Basic Flaws Allow Phishing And Spamming Vulnerabilities In iPhone

2008-07-23 22:34:27 by CyberInsecure in CyberInsecure.com
 
Security researcher Aviv Raff has discovered a pair of basic design flaws that could allow malicious phishing and spamming attacks on your iPhone. According to an advisory from Raff, the iPhones Mail and Safari applications are susceptible to a URL Spoofing vulnerability which allow attackers to conduct phishing attacks. iPhone Mail and Safari...
 
Tags: iphone, basic design flaws, safari applications, iphone mail, safari, attacks, iphones mail, firmware, pair
 
 
 
 
Expand article

Security Matters: Lesson From the DNS Bug: Patching Isn't Enough

2008-07-23 19:00:00 by Bruce Schneier in Wired Security
 
...security community, the details of a critical internet vulnerability discovered by Dan Kaminsky about six months ago have leaked. Hackers are racing to produce exploit code, and network operators who haven't already patched the hole are scrambling to catch up. The whole mess is a good illustration of the problems with researching and...
 
Tags: security, security engineer, security engineer brings, security holes, smart design choice, design, security engineers, kaminsky, dan kaminsky
 
 
 
 
Expand article

Drive-by download attacks menace gov sites

2008-07-23 17:30:31 by Editor in ElectricNews.net - SECURITY
 
The number of drive-by download attacks has tripled and they are beginning to affect government websites as well as small business operations
 
Tags: drive-by download attacks, affect government websites, business operations
 
 
 
 
Expand article

"Walking" with the SDL - Part 3

2008-07-23 16:43:00 by sdl in The Security Development Lifecycle
 
...information. Whatever method you use, it is important to anticipate the accumulation of a large set of information that should be easily used and shared across the organization I would like to do a deeper dive on the importance of security code reviews as part of your walk evolution. Security code reviews focus on identifying insecure coding...
 
Tags: security requirements serve, security requirements, security development lifecycle, security development, requirements, lifecycle, security lifecycle, security, security ecosystem
 
 
 
 
Expand article

Perspective on GRC

2008-07-23 16:09:49 by Alex in RiskAnalys.is
 
From some comments Dwayne made on yesterdays post IT- GRC is just threat / vulnerability pairing when you consider external regulatory compliance pressures as the Threat Community. If you think of it this way, you might be able to understand why Im not keen on the value of GRC many current solutions. As Shrdlu (or was it rybolov?) once said -...
 
Tags: grc, it- grc, threat, threat community, comments dwayne, current solutions, report, yesterdays post, addition
 
 
 
 
 
Showing 1-5
1234...
 
TOP SEARCH
Expand / MinimizeClose Widget
  •  
RECENT SEARCH
Expand / Minimize
  •  
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia