The Internet is littered with countless stories of individuals who sent emails they shouldn’t have or sent emails to unintended recipients. Before you send an email, ensure that it’s only going to go to the intended recipients and think twice about sending it if it could have a negative impact if it was read by […]
August 2, 2008
Comments Off on GIFAR attack – it looks like an image, but it has a malicious paylod
At this week’s Black Hat security conference, researchers will discuss an attack which they’ve coined the GIFAR attack. The attack involves combining a JAR (Java Archive) file with another file, such as a GIF image file (GIF + JAR = GIFAR). The user’s browser would consider the file a valid image file and display it […]
July 31, 2008
Comments Off on SANS web application security course
The SANS Institute is offering their Web Applications Security Essentials course (SEC422) via their @Home (webcast) program. There’s a 40% discount for those who attended their now defunct Web Application Security Workshop in the last 18 months. VCU hosted that course last June and numerous VCU staff attended it. @Home consists of live webcasts, though […]
July 30, 2008
Comments Off on Application feature – alerting user of concurrent sessions
Earlier this month Google’s Gmail added several new security features to the latest version of Gmail. A user can now see a list of current open sessions associated with the user’s account. See an open session from an IP address you don’t recognize or an access type you don’t use (Mobile for example)? It may […]
July 28, 2008
Comments Off on Companies collect and share your data – check it for free
Numerous private organizations collect data about you and share it with your creditors, employers and insurers. The Fair Credit Reporting Act requires that the 3 national consume reporting companies (Equifax, Experian and TransUnion) each provide you a free copy of your credit report at your request once every 12 months. You can request all 3 […]
July 25, 2008
Comments Off on “Spam King” sentenced, but another spammer escapes
In a victory for email recipients everywhere, “Spam King” Robert Soloway was sentenced to 47 months in federal prison. Soloway had been accused of violating the federal CAN-SPAM Act. In loosely related news, convicted spammer Edward “Eddie” Davidson escaped from a minimum security federal prison camp in Colorado after serving 5 weeks of a 21 […]
July 23, 2008
Comments Off on The cat’s out of the bag – DNS flaw details revealed
Dan Kaminsky’s huge DNS flaw has been revealed.
July 22, 2008
Comments Off on Distance education required to play Big Brother?
A change to the Higher Education Act will require distance education programs to verify that a student who participates in a class is the same person who registered for it.