|
||||||||
|
||||||||
|
|
Công Cụ | Xếp Bài |
|
05-10-2009, 01:00 PM | #1 |
Guest
Trả Lời: n/a
|
Tổng hợp Tạp Chí Bảo Mật [IN]SECURE
Tổng hợp Tạp Chí Bảo Mật [IN]SECURE
Tổng hợp Tạp Chí Bảo Mật [IN]SECURE 1.ISSUE 1 (April 2005) The covered topics are: * Does Firefox really provide more security than Internet Explorer? * Security risks associated with portable storage devices * 10 tips on protecting customer information from identity theft * Linux security - is it ready for the average user? * How to secure your wireless network * Considerations for preventing information leakage * An introduction to securing Linux with Apache, ProFTPd & Samba * Security vulnerabilities in PHP Web applications. Download 2.ISSUE 2 (June 2005) The covered topics are: * Information security in campus and open environments * Web applications worms - the next Internet infestation * Integrating automated patch and vulnerability management into an enterprise-wide environment * Advanced PHP security - vulnerability containment * Protecting an organization’s public information * Application security: the noveau blame game * What you need to know before migrating your applications to the Web * Clear cut cryptography * How to lock down enterprise data with infrastructure services. Download 3.ISSUE 3 (August 2005) The covered topics are: * Security vulnerabilities, exploits and patches * PDA attacks: palm sized devices - PC sized threats * Adding service signatures to Nmap * CSO and CISO - perception vs. reality in the security kingdom * Unified threat management: IT security's silver bullet? * The reality of SQL injection * 12 months of progress for the Microsoft Security Response Centre * Interview with Michal Zalewski, security researcher * OpenSSH for Macintosh * Method for forensic validation of backup tape. Download 4.ISSUE 4 (October 2005) The covered topics are: * Structured traffic analysis * Access Control Lists in Tiger and Tiger Server - true permission management * Automating I.T. security audits * Biometric security * PDA attacks, part 2: airborne viruses - evolution of the latest threats * Build a custom firewall computer * Lock down your kernel with grsecurity * Interview with Sergey Ryzhikov, director of Bitrix * Best practices for database encryption solutions. Download 5.ISSUE 5 (January 2006) The covered topics are: * Web application firewalls primer * Review: Trustware BufferZone 1.6 * Threat analysis using log data * Looking back at computer security in 2005 * Writing an enterprise handheld security policy * Digital Rights Management * Revenge of the Web mob * Hardening Windows Server 2003 platforms made easy * Filtering spam server-side. Download 6.ISSUE 6 (March 2006) The covered topics are: * Best practices in enterprise database protection * Quantifying the cost of spyware to the enterprise * Security for websites - breaking sessions to hack into a machine * How to win friends and influence people with IT security certifications * The size of security: the evolution and history of OSSTMM operational security metrics * Interview with Kenny Paterson, Professor of Information Security at Royal Holloway, University of London * PHP and SQL security today * Apache security: Denial of Service attacks * War-driving in Germany - CeBIT 2006. Download 7.ISSUE 7 (June 2006) The covered topics are: * SSH port forwarding: security from two perspectives, part one * An inside job * CEO spotlight: Q&A with Patricia Sueltz, SurfControl * Server monitoring with munin and monit * Compliance vs. awareness in 2006 * Infosecurity 2006 * 2005 *nix malware evolution * InfoSec World 2006 * Overview of quality security podcasts. Download 8.ISSUE 8 (September 2006) The covered topics are: * Payment Card Industry demystified * Skype: how safe is it? * Computer forensics vs. electronic evidence * Review: Acunetix Web Vulnerability Scanner 4.0 * SSH port forwarding - security from two perspectives, part two * Log management in PCI compliance * Airscanner vulnerability summary: Windows Mobile security software fails the test * Proactive protection: a panacea for viruses? * Introducing the MySQL Sandbox * Continuous protection of enterprise data: a comprehensive approach. Download 9.ISSUE 9 (December 2006) The covered topics are: * Effectiveness of security by admonition: a case study of security warnings in a web browser setting * Interview with Kurt Sauer, CSO at Skype * Web 2.0 defense with AJAX fingerprinting and filtering * Hack In The Box Security Conference 2006 * Where iSCSI fits in enterprise storage networking * Recovering user passwords from cached domain records * Do portable storage solutions compromise business security? * Enterprise data security - a case study * Creating business through virtual trust: how to gain and sustain a competitive advantage using information security. Download 10.ISSUE 10 (February 2007) The covered topics are: * Microsoft Windows Vista: significant security improvement? * Review: GFI Endpoint Security 3 * Interview with Edward Gibson, Chief Security Advisor at Microsoft UK * Top 10 spyware of 2006 * The spam problem and open source filtering solutions * Office 2007: new format and new protection/security policy * Wardriving in Paris * Interview with Joanna Rutkowska, security researcher * Climbing the security career mountain: how to get more than just a job * RSA Conference 2007 report * ROT13 is used in Windows? You're joking! * Data security beyond PCI compliance - protecting sensitive data in a distributed environment. Download 11.ISSUE 11 (May 2007) The covered topics are: * On the security of e-passports * Review: GFI LANguard Network Security Scanner 8 * Critical steps to secure your virtualized environment * Interview with Howard Schmidt, President and CEO R & H Security Consulting * Quantitative look at penetration testing * Integrating ISO 17799 into your Software Development Lifecycle * Public Key Infrastructure (PKI): dead or alive? * Interview with Christen Krogh, Opera Software's Vice President of Engineering * Super ninja privacy techniques for web application developers * Security economics * iptables - an introduction to a robust firewall * Black Hat Briefings & Training Europe 2007 * Enforcing the network security policy with digital certificates. Download 12.ISSUE 12 (July 2007) The covered topics are: * Enterprise grade remote access * Review: Centennial Software DeviceWall 4.6 * Solving the keylogger conundrum * Interview with Jeremiah Grossman, CTO of WhiteHat Security * The role of log management in operationalizing PCI compliance * Windows security: how to act against common attack vectors * Taking ownership of the Trusted Platform Module chip on Intel Macs * Compliance, IT security and a clear conscience * Key management for enterprise data encryption * The menace within * A closer look at the Cisco CCNP Video Mentor * Network Access Control. Download 13.ISSUE 13 (September 2007) The covered topics are: * Interview with Janne Uusilehto, Head of Nokia Product Security * Social engineering social networking services: a LinkedIn example * The case for automated log management in meeting HIPAA compliance * Risk decision making: whose call is it? * Interview with Zulfikar Ramzan, Senior Principal Researcher with the Advanced Threat Research team at Symantec * Securing VoIP networks: fraud * PCI DSS compliance: a difficult but necessary journey * A security focus on China outsourcing * A multi layered approach to prevent data leakage * Safeguard your organization with proper password management * Interview with Ulf Mattsson, Protegrity CTO * DEFCON 15 * File format fuzzing * IS2ME: Information Security to Medium Enterprise Download 14.ISSUE 14 (November 2007) The covered topics are: * Attacking consumer embedded devices * Review: QualysGuard * CCTV: technology in transition - analog or IP? * Interview with Robert "RSnake" Hansen, CEO of SecTheory * The future of encryption * Endpoint threats * Review: Kaspersky Internet Security 7.0 * Interview with Amol Sarwate, Manager, Vulnerability Research Lab, Qualys Inc. * Network access control: bridging the network security gap * Change and configuration solutions aid PCI auditors * Data protection and identity management * Information security governance: the nuts and bolts * 6 CTOs, 10 Burning Questions: AirDefense, AirMagnet, Aruba Networks, AirTight Networks, Fortress Technologies and Trapeze Networks * AND MORE! Download 15.ISSUE 15 (February 2008) The covered topics are: * Proactive analysis of malware genes holds the key to network security * Advanced social engineering and human exploitation * Free visualization tools for security analysis and network monitoring * Internet terrorist: does such a thing really exist? * Weaknesses and protection of your wireless network * Fraud mitigation and biometrics following Sarbanes-Oxley * Application security matters: deploying enterprise software securely * The insider threat: hype vs. reality * How B2B gateways affect corporate information security * Reputation attacks, a little known Internet threat * Data protection and identity management * The good, the bad and the ugly of protecting data in a retail environment * Malware experts speak: F-Secure, Sophos, Trend Micro * AND MORE! Download 16.ISSUE 16 (April 2008) The covered topics are: * Security policy considerations for virtual worlds * US political elections and cybercrime * Using packet analysis for network troubleshooting * The effectiveness of industry certifications * Is your data safe? Secure your web apps * RSA Conference 2008 / Black Hat 2008 Europe * Windows log forensics: did you cover your tracks? * Traditional vs. non-tranditional database auditing * Payment card data: know your defense options * Security risks for mobile computing on public WLANs: hotspot registration * Network event analysis with Net/FSE * Producing secure software with security enhanced software development processes * AND MORE! Download 17.ISSUE 17 (July 2008) The covered topics are: * Open redirect vulnerabilities: definition and prevention * The future of security is information-centric * Securing the enterprise data flow against advanced attacks * Bypassing and enhancing live behavioral protection * Security flaws identification and technical risk analysis through threat modeling * Migration from e-mail to web borne threats * Security training and awareness: strengthening your weakest link * Assessing risk in VoIP/UC networks * Building a secure wireless network for under $300 * Reverse engineering software armoring * Point security solutions are not a 4 letter word * Hacking Second Life * AND MORE! Download 18.ISSUE 18 (October 2008) The covered topics are: * Network and information security in Europe today * Browser security: bolt it on, then build it in * Passive network security analysis with NetworkMiner * Lynis - an introduction to UNIX system auditing * Windows driver vulnerabilities: the METHOD_NEITHER odyssey * Removing software armoring from executables * Insecurities in privacy protection software * Compliance does not equal security but it's a good start * Secure web application development * The insider threat * Web application security: risky business? * AND MORE! Download 19.ISSUE 19 (December 2008) The covered topics are: * The future of AV: looking for the good while stopping the bad * Eight holes in Windows login controls * Extended validation and online security: EV SSL gets the green light * Interview with Giles Hogben, an expert on identity and authentication technologies working at ENISA * Web filtering in a Web 2.0 world * RSA Conference Europe 2008 * The role of password management in compliance with the data protection act * Securing data beyond PCI in a SOA environment: best practices for advanced data protection * Three undocumented layers of the OSI model and their impact on security * Interview with Rich Mogull, founder of Securosis * AND MORE! Download 20.ISSUE 20 (March 2009) The covered topics are: * Improving network discovery mechanisms * Building a bootable BackTrack 4 thumb drive with persistent changes and Nessus * What you need to know about tokenization * Q&A: Vincenzo Iozzo on Mac OS X security * A framework for quantitative privacy measurement * Why fail? Secure your virtual assets * Phased deployment of Network Access Control * Web 2.0 case studies: challenges, approaches and vulnerabilities * ISP level malware filtering * Q&A: Scott Henderson on the Chinese underground * AND MORE! Download 21.(IN)SECURE Magazine - June 2009 * Malicious PDF: Get owned without opening * Review: IronKey Personal * Windows 7 security features: Building on Vista * Using Wireshark to capture and analyze wireless traffic * "Unclonable" RFID - a technical overview * Secure development principles * Q&A: Ron Gula on Nessus and Tenable Network Security * Establish your social media presence with security in mind * A historical perspective on the cybersecurity dilemma * A risk-based, cost effective approach to holistic security # AND MORE! Download 22.(IN)SECURE Magazine - September 2009 # Using real-time events to drive your network scans # The Nmap project: Open source with style # A look at geolocation, URL shortening and top Twitter threats # Review: Data Locker # Making clouds secure # Top 5 myths about wireless protection # Securing the foundation of IT systems # Is your data recovery provider a data security problem? # Security for multi-enterprise applications # In mashups we trust? # AND MORE! Download Theo: Thegioimang |
|
|