This tutorial will cover the process of writing a buffer overflow exploit for a known vulnerability in the Vulnserver application. This is the fifth article in the Vulnserver series. Vulnserver is a Windows server application...

The advance in technology brought us mobile phones with almost the same power and features as our personal computers. Something that criminal minds will find a way to exploit for their gain as the history has shown. In late...

Communications around the world are gradually going digital. I was born in 1984. I would expect, if I entered a typical office workplace that year, to find various filing cabinets, stacks of paper letters, memos and invoices,...

Anonymous is the most famous ‘hacktivist’ group in the world. The informal nature of the group makes its mechanics difficult to define. Subsequently, without a formal organizational hierarchy, it’s difficult to explain...

In the first installment of this series, we discussed application security within the Software Development Process by demystifying the adoption of security controls within the development organization. We also took a deeper...

Last week, the New York Times scooped a story that the Obama administration “intensely debated” plans to use cyber warfare as part of the March 2011 military intervention in Libya and in the May 2011 operation in Pakistan that...

InfoSec Institute has been selected by Training Industry, Inc. as 2011 Top Training Company. * First time 'Top Training Company' has been a security-focused provider * Young and nimble training providers can keep up with...

Information security is a vast field and has a broad interest there are so many penetration tester and ethical hacker out there that provides there services for network and web application testing. IT auditing is an essential...

There is this misconception that iPhones are protected by the iPhone passcode. This may be true for non-jailbroken iPhones, but not for jailbroken ones. It is possible to have root access to the iPhone file system using tools...

WordPress is the most popular Content Management System (CMS) on the World Wide Web. I’m one of the two web developers for Liberbyte.com, a tech blog with a focus on end user education and open source. I’ve done enough raw...

Confident Technologies Inc.’s (CTI) KillSwitch collects data on hacking attempts to help information security (IS) professionals safeguard their companies’ online properties and mobile applications against brute-force attacks...

Metasploit has now become the king of tools used in penetration testing. It’s comprised of a collection of all available exploits. The tool has its pros and cons; some advantages are: Just as a comparison between automatic and...

A rootkit is a piece of software that is written by someone, who at the very least, wants to spy on specific system calls made by an application, for some purpose. It’ll usually hide itself from normal directory and process...

“The iPhone bug has to do with telling the phone there is a certain amount of data, and then not sending it as much as you said you would. The function that reads the data starts returning -1 to indicate an error, but the other...

DNS cache poisoning is a security compromise in which an attacker changes the resolver cache database entries of a DNS with some false information. The DNS server will then infect the user’s local resolver cache database with...