Articles on Authentication

• Malware 5 Events in 2011 That Challenged Online Security and Trust Assumptions
• Malware The Dark Side of Remote Desktop
  The Morto worm spread by scanning for RDP on port 3389 and brute-forcing Administrator passwords using common credentials. Tools like TSGrinder and Ncrack automate RDP password attacks. Mitigations...
• Tools Common Failures of Information Security Tools (Part 2)
  HIPS can miss attacks or wrongly block legitimate actions. Log management may fail to capture necessary events or confuse analysts with poor reporting. Vulnerability management tools may miss patches...
• Malware The Changing Landscape of Malware for Mobile Devices
  Mobile malware targets sensitive transactions including banking and two-factor authentication. ZeuS variants intercept SMS authentication codes across Symbian, BlackBerry, Windows Mobile, and...
• Social Networking How Clickjacking Attacks Work
  Clickjacking tricks users into clicking invisible elements from other sites—commonly used to propagate Facebook links. Advanced variations can de-anonymize visitors by capturing their identity when...
• Tools Using Pastebin Sites for Pen Testing Reconnaissance
  Pastebin sites can aid penetration testing reconnaissance—stolen data, source code snippets, configuration details, and employee information often appear there. Tools like Pastebin Parser search...