The current study aimed to investigate the mechanism of a selected punch of Macro Viruses spread in the field of Personal Computers with a concentration on virus called “Concept” in order to determine the needed methods to diagnosis the infection by such kind of virus and selecting procedural steps to prevent its damaging effects on software and its files.
Read the rest of this entry »

• 0 Comments

Although traditional firewalls have effectively prevented network-level attacks, most future attacks will be at the application level, where current security mechanisms are woefully inadequate. Application-level security vulnerabilities are inherent in a Web application’s code, regardless of the technology in which the application is implemented or the security of the Web server and backend database on which it is built. A recent advisory published by Internet Security Systems (see the “Internet Resources” sidebar, p. 44) claims that 11 widely deployed shopping cart applications are vulnerable to a simple attack that lets hackers pur- chase goods for much less than their listed price. Worryingly, the attack does not require particular technical skill; it suffices to save the shopping cart’s HTML confirmation form to disk, use a text editor to modify the price of the goods (stored in a hidden form field), and load the HTML form back into the browser.
Read the rest of this entry »

• 0 Comments

Information and communication technologies continue to pervade our lives in various aspects which include health, education, entertainment and ecommerce. People need to be able to trust computer systems as the dependence on them increases. The Trustworthy Computing vision (CRA, 2003) refers to computer systems that are intuitive, controllable, reliable and predictable and that ensure availability and security. Secure cod- ing is not trivial and poor code security management may leave the developed web application vulnerable to attack or turn the application into a launch pad for serious attacks.
Read the rest of this entry »

• 0 Comments

An 802.11a/g wireless network card that supports WPA or WPA2. 802.11b (wireless b) wireless network cards do NOT work. Note: Some less expensive wireless cards may support Wireless G but do not support WPA fully. If you experience problems, you can install the latest driver for your wireless card which is usually available through the card or computer manufacturer’s website.
Read the rest of this entry »

• 0 Comments

Google Earth is a free-of-charge, downloadable program that allows you to view the entire Earth from orbit with amazing clarity. It maps the entire earth as a 3d Globe by pasting together images obtained from satellite imagery and aerial photography. The Google Earth Program comes as part of Google’s free “Software Pack”. It’s a quick and easy download that you can get for free. It comes with these great free titles:
Read the rest of this entry »

• 0 Comments

Nearly all Web 2.0 applications started life as consumer-focused services, only later finding their way into the enterprise. But unlike many consumer ‘toys’, Web 2.0 actually delivers impressive benefits to the enterprise, including:
Streamlining collaboration within and beyond the enterprise
Accelerating search and information retrieval
Capturing knowledge assets and facilitating knowledge transfer
Speeding application development and deployment
Communicating with stakeholders in new ways
Some of these benefits are ‘soft’. Others are quantifiable. But all have combined to earn the attention of line-of-business managers and IT strategists alike. Web 2.0 is here to stay.
Read the rest of this entry »

• 0 Comments

To combat these new threats one needs to look at different strategies as well. In this paper we shall look at different approaches and tools to improve security posture at both, the server as well as browser ends. Listed below are the key learning objectives:
• The need for Ajax fingerprinting and content filtering.
• The concept of Ajax fingerprinting and its implementation in the browser using XHR.
• Processing Ajax fingerprints on the Web server.
• Implementation using ModSecurity for Apache
• Strengthening browser security using HTTP response content filtering of untrusted information directed at the browser in the form of RSS feeds or blogs.
• Web application firewall (WAF) for content filtering and defense against Cross-Site Scripting (XSS)
Read the rest of this entry »

• 0 Comments

Whether we like it or not, Web 2.0 technologies are profoundly changing the way we work and interact. User-generated Web content—hosted applications, blogs, wikis, social networking sites, RSS feeds—is rapidly creeping into organizations, offering users new ways to collaborate and communicate.
Read the rest of this entry »

• 0 Comments