DDoS Protection Blog

Drive-by email malware alert: Plain text is just plain common sense

Just when I thought I was too smart to be fooled by malicious email, a report from German researchers made me start thinking about it again. The researchers, from the email security firm eleven, have identified drive-by download spam, which means that your computer will be infected if you simply open the message. No link or attachment to be wary...

Read more

Teaching a dead dog new tricks about stronger passwords

Some time ago I enjoyed a cartoon where a family was eulogizing their recently deceased pet. The caption was something like, “Rex, you were a good dog, and though you may be gone from this life, you will live on forever as our computer password.” The cartoon amused me, but it also made me uneasy because I realized I was guilty of...

Read more

Securing communications to reduce online fraud

The last decade has seen huge growth in the number of U.S. households that use online banking and online bill paying services. Some  72.5 million households participate in online banking, with 36.4 million using the Internet to pay bills, according to the Fiserv 2010 Consumer Billing and Payment Trends Survey. Those numbers represent a an 84%...

Read more

Better secure your code: Web application attacks are on the rise

Web attacks are on the rise, up 30% in six months, according to security vendor Imperva. The second edition of Imperva's Web Application Attack Report (the first report was issued in July) identifies cross-site scripting (XSS) as the attack vector of choice (29% of the attacks reported), followed by directory traversal (DT), accounting for...

Read more

Deploy Red Team to root out excess privilege — or end up red-faced

While outside pen testing is important, it does not address the bigger problems facing the enterprise today: sophisticated attackers who use escalated privileges to subvert business processes.

Read more

More Posts