[security] Forum Topics

[ATTACH=RIGHT]22280[/ATTACH]Mobile phone security threats used to be mocked by everyone outside of vendors with mobile antivirus software to sell. That has changed, and how. The online media headlines have been full to bursting with reports that 'mobile malware' had grown by a staggering 273 percent in the first half of …

Mobile malware has moved from the security vendor testing labs, out of the realms of marketing hype and FUD, and [firmly onto your smartphone](http://www.daniweb.com/hardware-and-software/tablets-and-mobile-devices/news/382139/how-mobile-malware-actually-grew-by-1400-percent-in-the-last-12-months). The main target for the malware distributors would appear to be the Android platform, which is not surprising given the rapid growth in the userbase coupled …

I am getting rather fed up of seeing posts in the feeds of my Facebook Friends, including many who really should know better, advertising a supposed £175 value Tesco supermarket voucher giveaway. I say 'should know better' as the culprits have included technology journalists, computer magazine editors and IT consultants; …

Everyone loves PHP these days it seems, and that includes the bad guys. So it should come as no surprise to learn that yet another remote access Trojan written using PHP has appeared. However, the fact that this particular bit of PHP backdoor code comes complete with a second, hidden, …

what are the drawbacks of Implementing digital signature with RSA encryption algorithm to enhance the Data Security of cloud in Cloud Computing.

It's not often that Microsoft recommends that Windows users should disable a much hyped part of the OS, but that's exactly what has happened regarding the Windows Sidebar and Windows Gadgets found in Windows Vista and Windows 7. [Microsoft Security Advisory 2719662](http://technet.microsoft.com/en-us/security/advisory/2719662) clearly states "Disabling the Windows Sidebar and Gadgets …

An investigation by UKFast has revealed that it is possible to build a super-cracker computer for around the same price as your average low-spec budget desktop PC. Yet unlike your average budget PC, it is claimed that this cybercrime dream machine is capable of processing billions of password combinations per …

how we give executable file security using java

Hi all. I have just setup iis on my windows 7 laptop. Just wondering if there are any settings I should change to make sure it is secure. Currently have the server running, and can access it by static ip from outside networks. Any help is much appreciated. Cheers

Please i am now in my final year and decided to do a project in Network Security.But presently i am blank as to what doable projects i can research on.Please Help suggest projects which you think is good and doable.Post here or email me on *** [email]frank.kent@yahoo.com[/email] ***

My iPhone is always with me, and I will admit to having mild panic attacks if I misplace it around the office or house. Only once have I had cause to go into major panic mode though, and that was when I managed to leave my iPhone and my car …

[ATTACH=RIGHT]22544[/ATTACH]Three and a half years ago, DaniWeb was reporting how [URL="http://www.daniweb.com/hardware-and-software/networking/news/218954"]stolen credit cards could be purchased online[/URL] for as little as $10 per card, complete with a guarantee that the accounts behind the cards were active, when purchased in larger volumes. So how has the market changed since the start …

The head of the UK MI5 intelligence agency, Jonathan Evans, has this week warned that the [London 2012 Olympic Games](http://www.london2012.com/) "present an attractive target for our enemies and they will be at the centre of the world's attention in a month or so". But most of the concern, and indeed …

As a three times winner of the IT Security Journalist of the Year award in the UK, I am used to writing about all kinds of scams. Whilst most of them try and weasel their way into the bank accounts of the victim through purely online means, increasingly the bad …

Acronis responds to DaniWeb questions regarding a leak of customer data which, [as we exclusively reported over the weekend](http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/news/427455/breaking-acronis-blames-technical-issue-for-customer-data-leak), resulted in some information being indexed by search engines and accessible to anyone on the Internet.  Although the leak itself was identified by Acronis on Friday 29th June, the …

Following on from the news earlier this month that [LinkedIn had suffered a major security breach](http://www.daniweb.com/internet-marketing/social-media-and-web-communities/news/425019/linkedin-confirms-six-million-password-hack-check-if-yours-is-one-of-them) involving the compromise of at least six million user passwords, and then dating site [eHarmony apparently falling victim to the same password hacking compromise](http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/news/425118/dating-disaster-eharmony-confirms-passwords-exposed-by-linkedin-hacker), the latest to be hit would appear to be the …

Hi guys, I really don't know how to list the content of that box in AD. Can you give me some hints - I found none so far :(  Thx for your help!

Recently we have all become somewhat over-exposed to the leaking of customer data courtesy of inadequate security allowing hackers to gain access to databases. The [LinkedIn LeakedOut leak](http://www.daniweb.com/internet-marketing/social-media-and-communities/news/425019/linkedin-confirms-six-million-password-hack-check-if-yours-is-one-of-them) and [eHarmony dating data disaster](http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/news/425118/dating-disaster-eharmony-confirms-passwords-exposed-by-linkedin-hacker#post1817377) are good examples of the genre. However, let's not forget that sometimes no hackers are required to …

At least 55,000 Twitter accounts would appear to have been compromised in a breach perpetrated by members of the Anonymous hacking collective. Details of the accounts, including usernames and passwords, appeared across a total of no less than five pages at Pastebin yesterday.  However, appearances can often be …

I've looked everywhere and haven't found a clear step by step tutorial on how to secure sessions/cookies. Here are snippets of my code, i'd like to know how i can improve on session security to prevent fixation/hijacking and cookie safety. This is snippets of code for the user login system. …

Hi, all, This may not be the correct place to ask this question, but I can't find another forum that seems to match my question. We have a web site which stores : user's name (which is not validated in any way, so we have lots of Donald Ducks and …

A password is defined as being a "secret word or string of characters" that is used to authenticate identity and enable access to a resource. The emphasise being on the word secret, although 'unique' is equally important when it comes to password security. Which is why the list of the …

For security reasons, several articles recommend "do not cache pages". So I usually put the following at the beginning of my web pages header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); That works very …

Hi all, I have the following code to process through my requests, then use in a database. FIRST of all, I was wondering if i have it in the right order, and SECOND, if there are any other steps i could do to secure up my application. have a look, …

A cyber weapon grade piece of malware, some twenty times the size of Stuxnet, has apparently been fired at a number of countries in the Middle East. This highly complex piece of code which takes screenshots of any open 'programs of interest' such as email or IM, records audio and …

Hi, I'm a developer by trade but I've done some networking in the past (mostly buying and creating machine specifications but also a bit of firewall management and AD policies,) In a previous company I was even Manager of the Systems department (Developers and IT guys) Anyway I've recently joined …

I am creating a website although during a trial run with a couple of friends they uncovered a bit of a major issue.... the ability to spam. I have added a hidden box e.t.c. to attempt to prevent bots from spamming but my friends where able to post twenty messages …

The Serious Organised Crime Agency (SOCA) website remains offline after being hit by a Distributed Denial of Service (DDoS) attack for the second time in the space of a year. Last June it was the hacktivist group LulzSec which claimed responsibility; this time nobody has yet come forward to admit …

The Flashback Trojan has infected at least 600,000 Apple computers running Mac OS X according to the Russian AV company [Dr Web](http://www.drweb.com/?lng=en) which researched the spread of the malware which was originally discovered at the end of last year and for which Apple issued a security patch just this week. …

If you are a user of Adobe Flash, be sure to apply the latest security update if you want to avoid becoming part of an in-the-wild attack exploiting a vulnerability which currently seems to be exploiting users of Internet Explorer on the Windows platform only. Adobe has, however, issued an …