SEARCH RESULTS
 
Showing 1-10 of 61 records
 

The Two Classes of Airport Contraband

2008-09-23 05:47:04 by schneier in Schneier on Security
 
...classes of contraband at airport security checkpoints: the class that will get you in trouble if you try to bring it on an airplane, and the class that will cheerily be taken away from you if you try to bring it on an airplane. This difference is important: Making security screeners confiscate anything from that second class is a waste of...
 
 
 
 
 

Anti-Debugging Series - Part I

2008-12-02 20:56:25 by Tyler Shields in Zero in a bit
 
...classes of anti-debugging that we will be discussing. While other classes may exist, the definition of these classes is an attempt to include the majority of anti-debugging methods in use today. There is some overlap between classifications and we may have left out some methods due to limited exposure or effectiveness API Based...
 
 
 
 
 

Mailing error at the University of Maryland exposes student information

2008-07-18 09:18:07 by Evan Francen in The Breach Blog
...classes Number Affected 23,727 Types of Data Names, addresses, and Social Security numbers Breach Description On July 1st, 2008, the University of Maryland Department of Transportation Services mailed an on-campus parking brochure to all students registered for Fall 2008 classes as of June 15, 2008. Recipient Social Security numbers were...
 
 
 
 
 

SDL and the XSS Filter

2008-08-27 15:35:00 by sdl in The Security Development Lifecycle
 
...classes of vulnerabilities, we also look to identify more sweeping solutions that can either 1) eliminate classes of vulnerabilities, 2) reduce their severity, or 3) reduce the likelihood of attacks being successful. The process usually starts from deep understanding of a class of vulnerabilities and attacks, and then we broaden defenses from...
 
 
 
 
 

Web Services and XML Security Training at OWASP

2008-08-28 08:55:59 by Gunnar Peterson in 1 Raindrop
 
...classes Web Services frameworks Apache CXF - very interesting open source Web services framework with support for JMS, SOAP, and Rest Apache Axis & Axis2 Net Metro - interesting framework from Sun for interop with WCF Identity PingFederate - leading federation tool, we'll look at browser based SSO with SAML PingFederate Web Services -...
 
 
 
 
 

University of Florida student info online

2007-11-28 09:17:23 by Evan Francen in The Breach Blog
...classes (ISM 4220 & ISM 4330) taught by information systems and operations management professor Richard Elnicki between 1998 and 2001 Number Affected 534 Types of Data "sensitive information" including Social Security numbers of 415 students Breach Description The Liberty Coalition discovered a file containing sensitive personal information...
 
 
 
 
 

The STRIDE per Element Chart

2007-10-29 23:06:46 by sdl in The Security Development Lifecycle
 
...classes of things that would cause us to ship updates. That's tremendously important, so I'll repeat it. They were looking for classes of things that would cause us to ship an update. If we wouldn't update for it, it doesn't exist in the chart. That's not to say it doesn't exist. If there's an elevation of privilege against an external entity, well,...
 
 
 
 
 

The Austin Project

2008-01-21 22:45:39 by RSnake in ha.ckers.org web application security lab
 
...classes, but they will be discussed only with people who attend. Days will be spent talking about webappsec, nights will be spent with me in downtown Austin, visiting the local nightlife and probably talking about webappsec some more. My goal is not to make myself the grand leader of a group of five people who are webappsec gods, but rather,...
 
 
 
 
 

Technical glitch blamed in The Princeton Tower Club breach

2008-05-13 09:20:10 by Evan Francen in The Breach Blog
...classes of 2006 and 2007 after a spreadsheet listing their names and social security numbers was e-mailed to current club members early Wednesday morning Reference URL The Daily Princetonian United Press International Asbury Park Press Report Credit Rachel Dunn and Josephine Wolff, The Daily Princetonian Response From the online sources...
 
 
 
 
 

SDL Training

2008-05-29 15:22:00 by sdl in The Security Development Lifecycle
 
...classes I offered. And I tried to do a lot of things to try to make the trainings interesting. I handed out dozens of fresh peaches in an early class on fuzz testing, for example. The room smelled really nice after that, and there are probably still a few people around Microsoft who think of fuzz testing when they see a peach. But even on my...