SEARCH RESULTS
 
Showing 1-10 of 30 records
 
Expand article

WebGoat 1: SQL Injection Demonstration

2007-11-14 01:19:49 by Editor in Irongeek's Security Site
 
...Demonstration SQL injection is a common web application attack that focuses on the database backend. WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. I plan to use WebGoat for a few future videos. This first WebGoat video will show the basics of installing WebGoat...
 
Tags: sql injection, sql injection demonstration, webgoat, video, webgoat video, sql injection lessons, database backend, future videos, basics
 
 
 
 
Expand article

Interop NY Keynotes: IBM

2008-09-17 13:39:59 by Julia Lim in ScienceLogic
 
...Demonstration Executive IT architect Ron Sebastian provided a demonstration of IBMs collaboration strategy. IBMs Web 2.0 solutions span delivery platforms Platform - web as platform Application - development People - social computing Lotus Connections - a family of social computing software that provides profile lookup and community...
 
Tags: ibm, information sites, information, collaboration, web, social, ibms collaboration strategy, social services, collaborative web
 
 
 
 
Expand article

Metro Louisville InfoSec 2007 Conference

2007-09-25 20:06:06 by Editor in Irongeek's Security Site
 
...demonstration-oriented breakout sessions will be held. Up to 6-CPE credits may be earned by attendance I'll be attending, hope to see some of you there
 
Tags: keynote speaker, information security conference, security system design, keynote, held, day event, event site, breakout sessions, multiple technical
 
 
 
 
Expand article

What If All Vulnerabilities Had This Disclosure Timeline?

2008-02-07 02:08:33 by Chris Wysopal in Zero in a bit
 
...demonstration Feb 6, 2008: Vulnerability still not patched Its not your typical disclosure time line. In recent years we have become accustomed to a disclosure time line that goes something like this Typical Timeline Dec 16, 2007: Vendor notified of vulnerability and given exploit code Feb 6, 2008: Public disclosure with details and vendor...
 
Tags: vulnerability finders, vulnerability, vulnerability exists, heap overflow vulnerability, gleg realplayer vulnerability, gleg customer, customer, gleg, exploit code
 
 
 
 
Expand article

German Minister's Fingerprint Published

2008-04-01 14:37:40 by schneier in Schneier on Security
 
...demonstration that a fingerprint is not a secret, and 2) a great political hack. Wolfgang Schauble, Germany's interior minister, is a strong supporter of collecting biometric data on everyone as an antiterrorist measure. Because, um, because it sounds like a good idea Here's the story directly from the Chaos Computer Club (in German), and its...
 
Tags: chaos computer club, fingerprint, strong supporter, german, interior minister, antiterrorist measure, wolfgang schauble, political hack, story directly
 
 
 
 
Expand article

The Rise of Kosovo Defacement Groups

The Article has images
2008-04-21 04:31:00 by HASH0x8b5b604 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...demonstration of power online, most interestingly the fact that at the beginning of their capabilities development process, they target everyone, everywhere, to later on move to more targeted attacks to greatly improve the effectiveness of the PSYOPs motives
 
Tags: defacement, greatly improve, greatly, defacement beneath, psyops, greatly showcases, psyops motives, web application vulnerabilities, capabilities development process
 
 
 
 
Expand article

10 Myths About Life As An IT Security Professional

The Article has images
2008-04-25 23:08:41 by Craig Balding in Security Wannabe
...demonstration (look how easy that was to break into!), humour and relationship building. And sometimes, the policy is wrong and you have to big enough to admit it and fix it. One thing to note: in a crisis or other time sensitive incident, it may be time to bark the orders. Most reasonable people will understand that after the event You dont...
 
Tags: security, company security policy, security policy, technical security skills, technical security, policy, security professional, platform specific security, cool
 
 
 
 
Expand article

Hackers Holy Grail - Redefined by Microsoft

2008-04-29 16:53:42 by Erik T. Heidt in Art of Information Security
 
...demonstration of how organized (and profitable) cybercrime is. Microsoft has now defined a new Holy Grail for those organizations to pursue. The CSI/FBI computer crime report consistently demonstrates how significant the Insider Threat is, and clones of the COFEE will make those individuals that much more dangerous Also, the reverse...
 
Tags: holy grail, microsoft, hackers holy grail, black hat community, cybercrime underworld, cybercrime, computer, gather digital evidence, reverse engineer
 
 
 
 
Expand article

Confidential information sent to PinPay.net and SoftCard.biz is exposed

The Article has images
2008-05-08 13:26:03 by Evan Francen in The Breach Blog
...demonstration about why it is important to encrypt sensitive information. If the communication had been encrypted, none of the data would have been visible without access to the private key We could go deeper into the server application and SQL, but I think that this is enough A Quote from the ACAP Security CEO The right of privacy is a...
 
Tags: information, drivers license card, license card, card, free card, social security card, sensitive information, sensitive personal information, encrypt sensitive information
 
 
 
 
Expand article

Former employee exposes Purdue Pharma personal information

The Article has images
2008-05-12 18:44:52 by Evan Francen in The Breach Blog
...demonstration purposes only, $8.25/mo. x 5,000 subscriptions x 24 months = $990,000 We deeply regret that this incident occurred and take very seriously our obligation to protect the privacy of personal information Commentary Employee and former employee information misuse is a very challenging issue for information security professionals....
 
Tags: information, personal information, information security professionals, purdue pharma, purdue, information confidentiality, employee information misuse,