A vulnerability discovered in some of Juniper Networks' routing software highlights that the next-generation Internet, known as Internet Protocol version 6, still has a ways to go before it will be ready for widespread adoption. The US Computer Emergency Readiness Team and Secunia, a security advisory company, issued alerts on Wednesday for Juniper M-series and T-series routers built between 24 February and 20 June that are running IPv6.
Last week a Federal District Court in Boston decided that when someone reads your private e-mail without your permission and before you receive it, it doesn't violate federal wiretap law. The ruling perfectly illustrates how we can frustrate the entire purpose of a statute simply by reading it too carefully.
SQL injection is a technique for exploiting web applications that use client-supplied data in SQL queries without stripping potentially harmful characters first. Despite being remarkably simple to protect against, there is an astonishing number of production systems connected to the Internet that are vulnerable to this type of attack.
In this HNS audio learning session, Caleb Sima, SPI Dynamics CTO, discusses SQL injection attacks, offers practical examples of these vulnerabilities and gives his tips on both how to find and how to immunize SQL injection vulnerabilities.
Computer security experts warned yesterday of another new Internet threat that can steal the passwords and account information of people who bank online -- the second such discovery in a week.
Users can pick up the latest bug, which doesn't yet have a name, from pop-up ads that secretly download software capable of capturing their keystrokes. The pop-ups originate at Web sites that receive their ads from certain online ad services, which apparently had themselves been hacked to spread the malicious code.
This article shows how a network analyzer, historically used for network troubleshooting, can also be used to defend against the security threats. Certain features of a network analyzer can be set to monitor for virus and attack signatures and offer quick ways of isolating infected systems. For those organizations that are looking to invest in a network analyzer there are certain key features that should be considered.