In the past, most Web content was static and predictable. But today’s reality is that Web content—even from so-called “trusted” sites—is constantly changing with end-users encouraged to post, edit, or manipulate content. The most popular and heavily-trafficked sites that make the most use of dynamic Web 2.0 content, are also the most vulnerable to attack. In fact, according to Websense® research covering the first half of 2008, over sixty percent of these top 100 sites either hosted malicious content or contained a masked redirect to an illegitimate site.
Read the rest of this entry »

• 0 Comments

Web 2.0 – user-generated content, rich user interfaces and co-operative, dynamic services – has also brought with it a new and extremely virulent breed of ‘Malware 2.0’. A key motivation for this study is the link between Web 2.0 and the increase in ‘drive-by’ malware infections requiring no intervention or awareness on the part of the user. To give some idea of the threat posed, a Scansafe report analysing malware trends reports that risks from compromised websites increased 407% in the year to May 2008.
Read the rest of this entry »

• 0 Comments

Prior to 2001, web sites were relatively static, designed to push information to users in a manner that was not interactive. But proving that adversity can be the path to enlightenment, following the dot-com crash in late 2001 a new, stronger Web emerged. And unlike its predecessor, the new Web lived up to its name – sites became sticky hubs of interactive content, constantly changing and morphing based on the wants and needs of its visitors. Today, the technology that enables Web 2.0 is merely the vehicle, the transport mechanism from point A to point B. It is the user – those members of the particular web community – who ultimately drives the destination.
Read the rest of this entry »

• 0 Comments

This paper details various security concerns and risks associated with web 2.0 technologies such as Asynchronous Java script and XML (AJAX), Syndication, aggregation and notification of data in RSS or Atom feeds, mashups created by merging content from different sources. This paper also describes the security implications leading with the usage of web 2.0 technologies such as AJAX, RSS, and Mashups. Increase in application functionality leading to the emerging new web technologies (web 2.0). These new web technologies open more avenues to security threats to the online applications and users. Efficient protection mechanisms should be considered when dealing with web 2.0 technologies usage.
Read the rest of this entry »

• 0 Comments

Whether we like it or not, Web 2.0 technologies are profoundly changing the way we work and interact. User-generated Web content—hosted applications, blogs, wikis, social networking sites, RSS feeds—is rapidly creeping into organizations, offering users new ways to collaborate and communicate.
Read the rest of this entry »

• 0 Comments

HP Email Archiving software for Microsoft Exchange is client software that integrates with HP Integrated Archive Platform (IAP) to help you mitigate the business risk associated with legal discovery, corporate governance, and regulatory compliance requirements, reduce the cost of email storage, and boost messaging server performance and availability. HP Email Archiving software for Microsoft Exchange integrates with Microsoft Outlook and OWA to provide a seamless, nearly transparent user interface where archived messages can still be accessed through users’ standard Outlook interface.
Read the rest of this entry »

• 0 Comments

F-Secure is the recommended anti-virus software at the University and can protect your PC from viruses and other malicious software.The University license allows you to install F-Secure,free of charge,on laptops and of ce computers,including home PCs.You should uninstall the software when you leave the University. You are required to have anti-virus software on any PC connecting to the University,including PCs using the VPN,study bedroom and wireless services. Access to the network may be withdrawn from any user whose PC infects the network.As new viruses are released every week,anti-virus software is updated regularly.Therefore,it is important that all users not only install but also regularly update their anti-virus software.
Read the rest of this entry »

• 0 Comments

Video of the talk will be on the CCC site in due course. It was felt, as the industry had been given a full 13 months to react to the original threat discovery, and responsible manufacturers had engineered and released firmware upgrades, that the time had come for full disclosure. This became increasingly urgent as it was clear that the techniques used were becoming realtively widely known within the security community, and it could therefore be assumed that the same was true for criminal and/or malicious users. code for the Bluetooth security issues, and any affected phone, regardless of age or origin, can be upgraded under that code free of charge.
Read the rest of this entry »

• 0 Comments