- Malware The Changing Landscape of Malware for Mobile Devices
Mobile malware targets sensitive transactions including banking and two-factor authentication. ZeuS variants intercept SMS authentication codes across Symbian, BlackBerry, Windows Mobile, and...
- Social Networking How Clickjacking Attacks Work
Clickjacking tricks users into clicking invisible elements from other sites—commonly used to propagate Facebook links. Advanced variations can de-anonymize visitors by capturing their identity when...
- Tools Using Pastebin Sites for Pen Testing Reconnaissance
Pastebin sites can aid penetration testing reconnaissance—stolen data, source code snippets, configuration details, and employee information often appear there. Tools like Pastebin Parser search...
- Social Networking Security Implications of the "Web" Becoming the "Social Web"
The web is becoming the social web—instant communication, public archives, mobile access, weak relationships. Security implications: business interactions occur outside corporate networks, data leaks...
- Authentication The Use of Pastebin for Sharing Stolen Data
Attackers use Pastebin for sharing stolen data because it's easy, handles large text, doesn't require registration, and doesn't proactively moderate. Trending pastes often include compromised...
- Authentication We Still Suck at Protecting Logon Credentials
Recent breaches at Lockheed Martin, Mt. Gox, PBS, and Sony PlayStation show we still fail at protecting credentials. Attackers compromise them via remote password guessing, SQL injection to retrieve...