Security Features
Criminals use various methods to camouflage the traces of their malicious software on the internet. However, their paths can be retraced using special tools to identify the vulnerability the malware exploited to enter a system
more »
When people click on short URLs from services like bit.ly or tr.im, they don't always know where they'll land until they've actually arrived. The next generation of short URLs even go one step further
more »
Israeli vendor StartSSL offers free SSL server certificates that are valid for a year. This article explains how to apply for a certificate for a domain and install it on the server
more »
In its Security Operations Center (SOC), Symantec remotely monitors its clients' networks for signs of hacking and suspicious activity. We've taken a look inside the SOC
more »
It can be very useful to be able to talk directly with your SMTP or IMAP server for diagnostic purposes. Things get a bit more complicated when encryption rears its ugly head, but with the right tools, it doesn't have to be a black art
more »
The hackers' summer camp has ended without any major events or serious injuries. Inspired by the event the activists have dispersed back into society. Whether these people are really at the centre of the political fight for freedom remains to be seen
more »
Wendy Grossman reports on the proceedings at the Black Hat security conference 2009
more »
Using just open source tools and a few tweaks, it is possible to detect and block suspicious login attempts
more »
Piotr Bania has presented a concept which allows evasive measures used by packed malware to be circumvented
more »
Why does Windows tell me about Internet Explorer 8, but not about the new version of Adobe Reader, which fixes a critical security vulnerability that is already being actively exploited?
more »
Having examined some low cost USB crypto hard disks and found them disappointing we take a look at a more up-market product from Lenovo
more »
Web applications are always threatened by attacks that try to exploit programming weaknesses. The PHP-based, open source PHPIDS solution detects attempted intrusions and raises the alarm in case of a threat. The H offers some practical installation tips
more »
The H Security information page on Conficker is where you can find the latest stand-alone removal tools, news, scanners and tips about the Conficker worm.
more »
SRI International's Malware Threat Center has published a detailed examination of the new mechanisms within the Conficker-C worm
more »
The distribution of hand held, one-time-key 'card readers' led one research team to reverse engineer the underlying protocol and find a number of vulnerabilities
more »
Mozilla has changed the way Firefox 3 handles certificates, but not always for the better. A few modifications will sort things out - and give you more security
more »
Uploading images is a standard requirement for any Web 2.0 application, but some features of Internet Explorer need to be carefully handled, otherwise a hole can open up and facilitate cross-site scripting attacks on site visitors
more »
PayPal have recently introduced some new security options and say they are committed to helping their customers develop a more secure relationship to on-line transactions
more »
heise Security UK talk to Alex Eckleberry, CEO of Sunbelt about their its newest weapon in the battle against malware and what Windows 7 and Morro mean to anti-Malware vendors
more »
Our previous experience with hardware encryption has shown that budget is equivalent to useless. Raidon's Staray S series doesn't seem to be an exception. This article explains how we conducted our analysis
more »
Modern cryptological attacks can crack mobile phone calls, as well as debit and credit cards, in seconds. The trick is to find a practical compromise between computing time and memory space with the help of precomputed tables
more »
At the end of 2008, an international team of researchers forged a Certification Authority certificate. This has far-reaching consequences and has, therefore, created a fair deal of confusion about the actual practical implications
more »
Some unscrupulous suppliers are selling rogue anti-virus products by using a gamut of false positives to frighten unsuspecting users into believing their PCs are infected. Reports even suggest that these programs have taken to carrying their own Trojans
more »
The Browser Security Handbook is a reference on browser security features for developers and security experts
more »
Whether you are talking about certification or 256-bit AES, even the best encryption is compromised if a subsequently added function renders the password vulnerable
more »
