SecurityRatty: tag: software

Poor security quality in software. Someone is watching over me.

2008-07-30 14:51:49 by Chris Wysopal in Zero in a bit

...software while Howard was waiting on line to have his iPhone upgraded Howard Schmidt, who was once the CSO of Microsoft, knows a thing or two about vendors shipping insecure software. He offers this advice relating to his iPhone, Just because a piece of software was distributed through Apples App Store, dont assume that it is vulnerability...

Poor Security Quality In Software; Someone Is Watching Over Me

2008-07-30 14:51:49 by Chris Wysopal in Zero in a bit

...software while Howard was waiting on line to have his iPhone upgraded Howard Schmidt, who was once the CSO of Microsoft, knows a thing or two about vendors shipping insecure software. He offers this advice relating to his iPhone, Just because a piece of software was distributed through Apples App Store, dont assume that it is vulnerability...

Tags: software, approach insecure software, insecure software, repeatable software security, secure online environment, environment, secure, secure software, software assurance

Software Security Market

2008-08-25 13:18:59 by Gunnar Peterson in 1 Raindrop

...software security, breaking down software security sectors like tools and services (note to Gary - I think Aspect does more than just training!). This is great work by Gary to get these numbers to see the real changes occuring in software security. Here were his findings on software security tools One of the most important developments in...

Tags: software, software security market, software security sectors, space, tools space, compare software security, software security sherpas, software security space, software security

Contributing To Open Source Software Security

2008-05-05 11:38:00 by Niels Provos in Google Online Security Blog

...software plays a critical role in the operation of the Internet. The security of open source software is therefore quite important, as it often interacts with personal information -- ranging from credit card numbers to medical records -- that needs to be kept safe. There has been a long-lived discussion on whether open source software is...

Tags: security, source software, software, additional security contributions, background, operational security background, security professionals, security vulnerability mediation, manual security analysis

A Diverse Portfolio of Fake Security Software - Part Five

2008-09-02 05:04:58 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...software propositions are not just starting to take park them at up to three different locations, localize the sites to different languages and introduce client-side exploits , just in case the end user gets suspicious and doesn't install it, but also, the natural evasive practices. For instance, once some of their domains get detected and...

Tags: fake security software, net, diverse portfolio, introduce client-side exploits, malicious isps, exploits, sql injection attack, lazy summer days, domains

Web Server Software and Malware

2007-06-05 09:30:00 by Niels Provos in Google Online Security Blog

...software to provide insight into how server software is correlated to servers hosting malware binaries or engaging in drive-by-downloads We determine server operating system by examining the 'Server:' HTTP header reported by most web servers. A survey of servers running roughly 80 million domain names reveals the web server software...

Tags: servers serve malware, servers, apache servers, malicious servers, web server software, server software, web servers, microsoft iis, microsoft iis features

A Diverse Portfolio of Fake Security Software - Part Four

2008-08-25 05:58:02 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...software and rogue codecs serving domains, the very same templates, but with different domain names, continue appearing in blackhat SEO, spam, and malicious doorways redirection campaigns Moreover, with the "time-to-market" of a fake security software decreasing due to the efficiency approach introduced in the form of tips for abuse-free...

Tags: fake security software, traffic, drive traffic, diverse portfolio, traffic acquisition tactics, malicious, malicious isps, due, traffic due

Software Liabilities and Free Software

2008-07-28 14:42:33 by schneier in Schneier on Security

...software liabilities , many people ask about free and open source software. If people who write free software, like PasswordSafe , are forced to assume liabilities, they will simply not be able to and free software would disappear Don't worry, they won't be The key to understanding this is that this sort of contractual liability is part of a...

Tags: free software, free, free software packages, distribute free software, software liabilities, liabilities, assume liabilities, free linux, people

A Diverse Portfolio of Fake Security Software - Part Three

2008-08-20 04:36:14 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...software site. Is the curiosity approach working anyway? Naturally, thanks to the effect of "regressive Darwinism Compared to February, 2008's malicious advertising (Malvertising) attack , the current one is less comprehensive and not so well thought of -- thankfully What these campaigns have in common is the fake security software served...

Tags: net, fake security software, malicious parties, malicious, malware campaigners persistence, curiosity, curiosity approach, providers, regressive darwinism

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo