Call for papers
SecurityFocus ( www.securityfocus.com ) is currently accepting submissions for new Infocus articles. We would like to extend an invitation to security researchers, authors and academics for submissions on topics of interest to the security community. Submissions should include a short summary along with the author's name, email address and contact information. All submissions should be in MS Word format and should be sent to: firstname.lastname@example.org
Basic Web Session Impersonation
This article gives a basic introduction to common flaws in web applications that allow a malicious user to hijack a legitimate user's web session. Some practical countermeasures that reduce this threat are also discussed.
Voice over IP Security
This article discusses some of the advantages, disadvantages and security concerns with Voice over IP telephony.
Anti-Spam Solutions and Security, Part 2
The second and final part of this article series focuses on the various types of challenge-based systems and cryptographic solutions that can be used to combat spam and its related security issues.
HIPAA Security Rule
This article presents a detailed overview of the American HIPAA (Health Insurance Portability and Accountability Act) Security Rule and key factors you should consider when preparing to comply with the rule.
Anti-Spam Solutions and Security
This article is the first of a two-part series that discusses the security issues of spam as well as several current anti-spam methodologies.
The Soft Underbelly: Attacking the Client
This article discusses the lack of security inside many corporate networks once hackers have breached the border perimeter and firewall. Client-based attack vectors, malicious payloads and their potential impact to an organization are also discussed.
Digital Signatures and European Laws
This article discusses the security requirements for electronic communications and commerce with European governments and many European-based businesses. It will also give an overview of the current trends for public key infrastructure in Europe, useful for any organization that does business with the EU.
Home User Security: Personal Firewalls
This article discusses personal firewall alternatives, including freeware firewalls, firewalls included with current Microsoft and Apple OSes, and various commercial offerings of interest to the home user.
Home User Security: Your First Defense
This article focuses on protecting the home office through personal firewall software, as well as general security measures that are often overlooked by home users.
Banking Scam Revealed
A detailed analysis of the recent "phishing" scam that targeted Citibank customers. This paper describes the use of compromised hosts, Website redirection and the specifics of a unique bulk-mailing tool that has been repeatedly used in the recent rash of financial email scams.