Ken Munro

Video processors are a powerful weapon when it comes to password cracking, and they're easily available Social networking sites are a security minefield, so we have created some exercises to test for vulnerabilities. Could firmware infections during the manufacturing process create backdoors in your network? As big business finally gets a hold on security, SMEs relying on off-the-shelf e-commerce tools are easy prey. The easiest way into any system is likely to be the defaults, so make sure you don't leave an open door for criminals. Encryption is pointless if not applied to an entire session. It only gives users a false sense of security. From keycards to mini bars, modern technology has equipped hotel rooms with multiple vulnerabilities. One of our consultants had his personal laptop stolen from a locked hotel room recently. There was no evidence of a forced entry, suggesting an inside job. We spend a lot of time trying to secure mobile devices, but what about the removable storage cards they contain? As we start to pay bills and surf the web from our mobile phones, it's not the handsets thieves will be after. Time is critical when it comes to patches, so make sure you don't miss out on any critical releases. A bit of knowledge and research means you can get those coveted tickets while everyone else is hitting "refresh". Hard drives are often overlooked when it comes to patching. But an exploit in this area could be fateful. Seen as an end-user issue, cross-site scripting has been ignored for too long. Now attacks are on the rise. Are RFID keycards the next big thing? Only if they can see off power attacks, warns Ken Munro One simple way to improve your firm’s password security is incorporating non-US characters. Ken Munro explains Mophophishing may prove a threat too far for banking customers, writes Ken Munro