Chia Sẽ Kinh Nghiệm Về IT



Tìm Kiếm Với Google
-


Gởi Ðề Tài Mới  Gửi trả lời
 
Công Cụ Xếp Bài
Tuổi 05-10-2009, 01:00 PM   #1
hoctinhoc
Guest
 
Trả Lời: n/a
Tổng hợp Tạp Chí Bảo Mật [IN]SECURE
Tổng hợp Tạp Chí Bảo Mật [IN]SECURE

Tổng hợp Tạp Chí Bảo Mật [IN]SECURE


1.ISSUE 1 (April 2005)



The covered topics are:

* Does Firefox really provide more security than Internet Explorer?
* Security risks associated with portable storage devices
* 10 tips on protecting customer information from identity theft
* Linux security - is it ready for the average user?
* How to secure your wireless network
* Considerations for preventing information leakage
* An introduction to securing Linux with Apache, ProFTPd & Samba
* Security vulnerabilities in PHP Web applications.

Download

2.ISSUE 2 (June 2005)



The covered topics are:

* Information security in campus and open environments
* Web applications worms - the next Internet infestation
* Integrating automated patch and vulnerability management into an enterprise-wide environment
* Advanced PHP security - vulnerability containment
* Protecting an organization’s public information
* Application security: the noveau blame game
* What you need to know before migrating your applications to the Web
* Clear cut cryptography
* How to lock down enterprise data with infrastructure services.

Download

3.ISSUE 3 (August 2005)



The covered topics are:

* Security vulnerabilities, exploits and patches
* PDA attacks: palm sized devices - PC sized threats
* Adding service signatures to Nmap
* CSO and CISO - perception vs. reality in the security kingdom
* Unified threat management: IT security's silver bullet?
* The reality of SQL injection
* 12 months of progress for the Microsoft Security Response Centre
* Interview with Michal Zalewski, security researcher
* OpenSSH for Macintosh
* Method for forensic validation of backup tape.

Download

4.ISSUE 4 (October 2005)




The covered topics are:

* Structured traffic analysis
* Access Control Lists in Tiger and Tiger Server - true permission management
* Automating I.T. security audits
* Biometric security
* PDA attacks, part 2: airborne viruses - evolution of the latest threats
* Build a custom firewall computer
* Lock down your kernel with grsecurity
* Interview with Sergey Ryzhikov, director of Bitrix
* Best practices for database encryption solutions.

Download

5.ISSUE 5 (January 2006)




The covered topics are:

* Web application firewalls primer
* Review: Trustware BufferZone 1.6
* Threat analysis using log data
* Looking back at computer security in 2005
* Writing an enterprise handheld security policy
* Digital Rights Management
* Revenge of the Web mob
* Hardening Windows Server 2003 platforms made easy
* Filtering spam server-side.

Download

6.ISSUE 6 (March 2006)




The covered topics are:
* Best practices in enterprise database protection
* Quantifying the cost of spyware to the enterprise
* Security for websites - breaking sessions to hack into a machine
* How to win friends and influence people with IT security certifications
* The size of security: the evolution and history of OSSTMM operational security metrics
* Interview with Kenny Paterson, Professor of Information Security at Royal Holloway, University of London
* PHP and SQL security today
* Apache security: Denial of Service attacks
* War-driving in Germany - CeBIT 2006.

Download

7.ISSUE 7 (June 2006)




The covered topics are:

* SSH port forwarding: security from two perspectives, part one
* An inside job
* CEO spotlight: Q&A with Patricia Sueltz, SurfControl
* Server monitoring with munin and monit
* Compliance vs. awareness in 2006
* Infosecurity 2006
* 2005 *nix malware evolution
* InfoSec World 2006
* Overview of quality security podcasts.

Download

8.ISSUE 8 (September 2006)



The covered topics are:

* Payment Card Industry demystified
* Skype: how safe is it?
* Computer forensics vs. electronic evidence
* Review: Acunetix Web Vulnerability Scanner 4.0
* SSH port forwarding - security from two perspectives, part two
* Log management in PCI compliance
* Airscanner vulnerability summary: Windows Mobile security software fails the test
* Proactive protection: a panacea for viruses?
* Introducing the MySQL Sandbox
* Continuous protection of enterprise data: a comprehensive approach.

Download

9.ISSUE 9 (December 2006)



The covered topics are:

* Effectiveness of security by admonition: a case study of security warnings in a web browser setting
* Interview with Kurt Sauer, CSO at Skype
* Web 2.0 defense with AJAX fingerprinting and filtering
* Hack In The Box Security Conference 2006
* Where iSCSI fits in enterprise storage networking
* Recovering user passwords from cached domain records
* Do portable storage solutions compromise business security?
* Enterprise data security - a case study
* Creating business through virtual trust: how to gain and sustain a competitive advantage using information security.

Download

10.ISSUE 10 (February 2007)



The covered topics are:

* Microsoft Windows Vista: significant security improvement?
* Review: GFI Endpoint Security 3
* Interview with Edward Gibson, Chief Security Advisor at Microsoft UK
* Top 10 spyware of 2006
* The spam problem and open source filtering solutions
* Office 2007: new format and new protection/security policy
* Wardriving in Paris
* Interview with Joanna Rutkowska, security researcher
* Climbing the security career mountain: how to get more than just a job
* RSA Conference 2007 report
* ROT13 is used in Windows? You're joking!
* Data security beyond PCI compliance - protecting sensitive data in a distributed environment.

Download


11.ISSUE 11 (May 2007)



The covered topics are:

* On the security of e-passports
* Review: GFI LANguard Network Security Scanner 8
* Critical steps to secure your virtualized environment
* Interview with Howard Schmidt, President and CEO R & H Security Consulting
* Quantitative look at penetration testing
* Integrating ISO 17799 into your Software Development Lifecycle
* Public Key Infrastructure (PKI): dead or alive?
* Interview with Christen Krogh, Opera Software's Vice President of Engineering
* Super ninja privacy techniques for web application developers
* Security economics
* iptables - an introduction to a robust firewall
* Black Hat Briefings & Training Europe 2007
* Enforcing the network security policy with digital certificates.

Download

12.ISSUE 12 (July 2007)



The covered topics are:

* Enterprise grade remote access
* Review: Centennial Software DeviceWall 4.6
* Solving the keylogger conundrum
* Interview with Jeremiah Grossman, CTO of WhiteHat Security
* The role of log management in operationalizing PCI compliance
* Windows security: how to act against common attack vectors
* Taking ownership of the Trusted Platform Module chip on Intel Macs
* Compliance, IT security and a clear conscience
* Key management for enterprise data encryption
* The menace within
* A closer look at the Cisco CCNP Video Mentor
* Network Access Control.

Download

13.ISSUE 13 (September 2007)



The covered topics are:

* Interview with Janne Uusilehto, Head of Nokia Product Security
* Social engineering social networking services: a LinkedIn example
* The case for automated log management in meeting HIPAA compliance
* Risk decision making: whose call is it?
* Interview with Zulfikar Ramzan, Senior Principal Researcher with the Advanced Threat Research team at Symantec
* Securing VoIP networks: fraud
* PCI DSS compliance: a difficult but necessary journey
* A security focus on China outsourcing
* A multi layered approach to prevent data leakage
* Safeguard your organization with proper password management
* Interview with Ulf Mattsson, Protegrity CTO
* DEFCON 15
* File format fuzzing
* IS2ME: Information Security to Medium Enterprise

Download

14.ISSUE 14 (November 2007)



The covered topics are:

* Attacking consumer embedded devices
* Review: QualysGuard
* CCTV: technology in transition - analog or IP?
* Interview with Robert "RSnake" Hansen, CEO of SecTheory
* The future of encryption
* Endpoint threats
* Review: Kaspersky Internet Security 7.0
* Interview with Amol Sarwate, Manager, Vulnerability Research Lab, Qualys Inc.
* Network access control: bridging the network security gap
* Change and configuration solutions aid PCI auditors
* Data protection and identity management
* Information security governance: the nuts and bolts
* 6 CTOs, 10 Burning Questions: AirDefense, AirMagnet, Aruba Networks, AirTight Networks, Fortress Technologies and Trapeze Networks
* AND MORE!

Download

15.ISSUE 15 (February 2008)



The covered topics are:

* Proactive analysis of malware genes holds the key to network security
* Advanced social engineering and human exploitation
* Free visualization tools for security analysis and network monitoring
* Internet terrorist: does such a thing really exist?
* Weaknesses and protection of your wireless network
* Fraud mitigation and biometrics following Sarbanes-Oxley
* Application security matters: deploying enterprise software securely
* The insider threat: hype vs. reality
* How B2B gateways affect corporate information security
* Reputation attacks, a little known Internet threat
* Data protection and identity management
* The good, the bad and the ugly of protecting data in a retail environment
* Malware experts speak: F-Secure, Sophos, Trend Micro
* AND MORE!

Download

16.ISSUE 16 (April 2008)



The covered topics are:

* Security policy considerations for virtual worlds
* US political elections and cybercrime
* Using packet analysis for network troubleshooting
* The effectiveness of industry certifications
* Is your data safe? Secure your web apps
* RSA Conference 2008 / Black Hat 2008 Europe
* Windows log forensics: did you cover your tracks?
* Traditional vs. non-tranditional database auditing
* Payment card data: know your defense options
* Security risks for mobile computing on public WLANs: hotspot registration
* Network event analysis with Net/FSE
* Producing secure software with security enhanced software development processes
* AND MORE!

Download

17.ISSUE 17 (July 2008)



The covered topics are:

* Open redirect vulnerabilities: definition and prevention
* The future of security is information-centric
* Securing the enterprise data flow against advanced attacks
* Bypassing and enhancing live behavioral protection
* Security flaws identification and technical risk analysis through threat modeling
* Migration from e-mail to web borne threats
* Security training and awareness: strengthening your weakest link
* Assessing risk in VoIP/UC networks
* Building a secure wireless network for under $300
* Reverse engineering software armoring
* Point security solutions are not a 4 letter word
* Hacking Second Life
* AND MORE!

Download

18.ISSUE 18 (October 2008)



The covered topics are:

* Network and information security in Europe today
* Browser security: bolt it on, then build it in
* Passive network security analysis with NetworkMiner
* Lynis - an introduction to UNIX system auditing
* Windows driver vulnerabilities: the METHOD_NEITHER odyssey
* Removing software armoring from executables
* Insecurities in privacy protection software
* Compliance does not equal security but it's a good start
* Secure web application development
* The insider threat
* Web application security: risky business?
* AND MORE!

Download

19.ISSUE 19 (December 2008)



The covered topics are:

* The future of AV: looking for the good while stopping the bad
* Eight holes in Windows login controls
* Extended validation and online security: EV SSL gets the green light
* Interview with Giles Hogben, an expert on identity and authentication technologies working at ENISA
* Web filtering in a Web 2.0 world
* RSA Conference Europe 2008
* The role of password management in compliance with the data protection act
* Securing data beyond PCI in a SOA environment: best practices for advanced data protection
* Three undocumented layers of the OSI model and their impact on security
* Interview with Rich Mogull, founder of Securosis
* AND MORE!

Download

20.ISSUE 20 (March 2009)



The covered topics are:

* Improving network discovery mechanisms
* Building a bootable BackTrack 4 thumb drive with persistent changes and Nessus
* What you need to know about tokenization
* Q&A: Vincenzo Iozzo on Mac OS X security
* A framework for quantitative privacy measurement
* Why fail? Secure your virtual assets
* Phased deployment of Network Access Control
* Web 2.0 case studies: challenges, approaches and vulnerabilities
* ISP level malware filtering
* Q&A: Scott Henderson on the Chinese underground
* AND MORE!

Download


21.(IN)SECURE Magazine - June 2009




* Malicious PDF: Get owned without opening
* Review: IronKey Personal
* Windows 7 security features: Building on Vista
* Using Wireshark to capture and analyze wireless traffic
* "Unclonable" RFID - a technical overview
* Secure development principles
* Q&A: Ron Gula on Nessus and Tenable Network Security
* Establish your social media presence with security in mind
* A historical perspective on the cybersecurity dilemma
* A risk-based, cost effective approach to holistic security
# AND MORE!

Download


22.(IN)SECURE Magazine - September 2009





# Using real-time events to drive your network scans
# The Nmap project: Open source with style
# A look at geolocation, URL shortening and top Twitter threats
# Review: Data Locker
# Making clouds secure
# Top 5 myths about wireless protection
# Securing the foundation of IT systems
# Is your data recovery provider a data security problem?
# Security for multi-enterprise applications
# In mashups we trust?
# AND MORE!

Download


Theo: Thegioimang





  Trả lời ngay kèm theo trích dẫn này
Gửi trả lời



Quyền Hạn Của Bạn
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is Mở
Hình Cảm xúc đang Mở
[IMG] đang Mở
Mã HTML đang Tắt




Bây giờ là 11:42 AM. Giờ GMT +7



Diễn đàn tin học QuantriNet
quantrinet.com | quantrimang.co.cc
Founded by Trương Văn Phương | Developed by QuantriNet's members.
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.