Et Cetera

Mon
22
Jun

Thick Client Application Security

Contributed by Arindam Mandal.
This paper discusses the critical vulnerabilities and corresponding risks in a two tier thick client application along with the measures to mitigate risks. Thick client is defined as an application client that processes data in addition to rendering. An example of thick client application can be a Visual Basic, JAVA or VB.NET application that communicates with a database.

The risks observed in thick client applications generally include information disclosure, unauthorized access, authentication bypass, application crash, unauthorized execution of high privilege transactions or privilege escalation. It is interesting to note that most of the Open Web Application Security Project1 (OWASP) Top 10 vulnerabilities are as applicable to Thick client applications as they are to web applications.

Tue
26
May

How to build and use a Honeypot

Contributed by Ralph Edward Sutton, Jr.

Abstract
Everybody has gotten hacked one way or another when dealing with computers. When I ran across the idea of a honeypot and what exactly it was I became intrigued with the idea of actually getting back at these mysterious hackers. I want to build a honeypot, put it on my home network, and see what I can attract. I will build a honeypot and put it out for business. I researched what the ideal computer set up would be and built one. I will discuss the computer, how to build one, and what my results were.

Thu
14
May

Cyber Espionage

Contributed by Codey Disney

In an age where the internet has become an essential and dependent part of everyday life, information and data is constantly being added at an almost inconceivably fast rate every second. With the constant evolution and implementation of technology in society an influx of data is being converted to the internet and the use of hard-copies to computers. Conversely to this, the number of people trying illegally to acquire this information has escalated.

Wed
13
May

Terrorist Threats to Cyber Security

Contributed by Patrick Murray

This paper will focus on the current growing threat of terrorist organizations as it applies to network security threats. There are many ways that common traditional cyber-attacks could be applied by these organizations that would result in devastating results. These include simple mass DDOS attacks on government or corporate systems harming the economy of a nation. There could also be intrusions into systems to gain sensitive information about national security or weapons plans and other advanced technology from government contractors. Lastly they could attack the accounts of companies and individuals or use ransom ware to gain access to near unlimited sources of funding. The paper will then detail both the effects of each of these potential attacks in the context of a terrorist attack and also the means that can be used to prevent them.

Pages

Subscribe to RSS - Et Cetera