SearchSecurity.com.au Tips

Discover why compliance professionals need to understand data protection issues in this book extract.

Though the flaws identified in TXT take great expertise to exploit, IT pros should ensure critical system software and VM servers are under lock and key control.

Learn how to use the Cain & Abel tool to manage lost passwords in this video demonstration of the tool.

A flawed ActiveX control can be exploited by an attacker to run malicious code and gain access to critical files.

Looking for security projects with quick ROI? We've got ten you can get done in a hurry to impress newly cost-conscious managers!

Coding errors leave thousands of websites vulnerable, but attackers are starting to target Flash and JavaScript errors for exploitation, experts say.

Microsoft has touted Window Vista as its most secure OS ever, yet it has had its fair share of problems like recent attempts to bypass its memory protections. Does this make the OS a security problem? This piece argues Vista is just fine!

What is the best network location for an important database application? And who should be allowed to access the app?

Learn how log file analysis can help to discover attacks in this extract  from Raffael Marty's Applied Security Visualization.

Learn about 419 scams, backscatter spam and how to quash both.

What do the security features in Google's Chrome browser mean for security pros?

Learn how to defend against brute force attacks on the Secure Shell (SSH) service.

Peer-to-peer telephone services like Skype offer very cheap phone calls. But do they also offer a way for hackers to control a PC or access your data?

Learn how to reduce storage networks' potential to offer an attack vector in a virtualised environment in this expert tip.

There are some differences between FTP and TFTP, but here's the catch: both are inherently insecure protocols.

Network security expert Mike Chapple explores the different characteristics of devices using a front-end/back-end topology and chassis-based firewalls.

Learn how to protect your web servers from encoded syntax attacks, through vulnerability testing.

Although cloud-based antivirus can supply better protection than regular antivirus, it introduces a few problems for administrators.

Employing static analysis early in the development cycle can benefit your bottom line, as this tip explains.

Have you ever received a message from your endpoint security product stating that an intrusion attempt has been blocked? We explain the three likely possibilities for the alert's cause.