A small and diverse band of hobbyists steeped in the obscure languages of embedded systems has released its own custom firmware for a popular brand of cable modem, along with a technique for loading it -- a development that's already made life easier for uncappers and service squatters, and threatens to topple long-held assumptions about the privacy of cable modem communications.
Large companies need to take a long-term view of security, putting one person in charge of protecting an organisation's IT and physical assets.
Speaking at the Homeland and Corporate Security Summit in London, David Lacey, the Royal Mail's director of security, said that without a single authority figure with board-level responsibility, corporate security will not work as effectively as it could.
"If there is more than one person they will argue and business units will play them off against each other," he explained.
What do field sales employees, medical personnel and home-office workers connecting remotely to a central site have in common? A need for up-to-the-minute information. As a common method for near-instantaneous business communication, e-mail can be sent and received in many ways -- via pagers, cell phones and the like. One option that holds especial promise for increasing the timeliness of information flow is Web-based e-mail.
Some Web developers are complaining that an Internet Explorer patch that's meant to foil Net scams is disabling some applications that didn't put a premium on security.
Microsoft last week announced that a modification to its IE browser would stop the insecure practice of including sensitive information in links. The update, which was released Monday, had some Web site programmers up in arms Wednesday due to complaints from Web users that they could no longer log in to sites that secure entry through credentials included in the URL.
Cross-site scripting (XSS) occurs when an attacker introduces malicious scripts to a dynamic form that allows the attacker to capture the private session information. This article casts light on the areas vulnerable to XSS exploitation, explains how the user can protect himself, and details what the webmaster can do to secure a site from this type of malicious intrusion.