InfoSec briefings
This paper gives a technical introduction to the name services which a customer's computer use to locate and connect to online services and how they can be exploited by a grouping of attack vectors now referred to as "Pharming" to conduct identity theft and financial fraud on a massive scale. The paper concludes with advice on how to defend against Pharming attacks
This briefing details social engineering methodologies, the psychological triggers employed by attackers to target vulnerable staff and gives advice on protective measures.
This document aims to provide insight into the secure development and installation of web applications by exposing the pitfalls of web application design and addressing how to stop future attackers.
This paper covers the technologies and security flaws phishers exploit to conduct their attacks, and provides vendor-neutral advice on what organisations can do to prevent future attacks.
This paper focuses on the threat posed to the critical national infrastructure by Botnets. It discusses the current scope and scale of the Botnet problem, and offers simple mitigation advice.
This paper warns of trojanised email attacks that are targeting companies and the UK Government. Issued in June 2005 it describes the attack and provides detection and protection advice.
This paper is an ideal starting point for those wanting to mitigate malicious software. It outlines the key topics and provides links to the best available sources of advice.
20/02/2008