Archive | Security

03 January 2014 ~ 0 Comments

Designing Secure Information and Communication Infrastructure of Faculty of Transport and Traffic Sciences

With the development of information and communication systems various methods and tools to attack them are being developed. Initially the attacks where performed for individual proof and the desire to learn, but the rise in popularity of Internet and the value of information that this medium transmit target attacks become financial benefit or even war activities. The purpose of this study is to determine the current state of information and communication systems of the Faculty of Transport and Traffic Sciences, define its security vulnerabilities or weaknesses, and based on its findings recommended solutions that will improve the level of safety and reliability of the system by applying the known methods and means of protection.

Continue Reading

03 January 2014 ~ 0 Comments

Research of Security Threats in the Use of Modern Terminal Devices

Modern mobile terminal devices are multi-functional terminal devices with options such as: Internet access, using of applications, e-mail communication, messaging, data storage and using of multimedia files. The value of such data is often invaluable and vulnerability is often very high. Given the high use of smartphones and a variety of operating systems that they use (iOS, Android, Windows Phone …), the logical is the fact that these devices are frequent targets of malicious attacks. Research of this paper will focus on defining forms of security threats and possible attacks on smartphones and a brief description of possibilities for protecting smartphones. There will be displayed features of operating systems and specified the security aspects and specifics which carry some of the modern operating systems of mobile terminal devices.

Continue Reading

Tags:

30 August 2012 ~ 0 Comments

Study of Implementing Available Security Controls of Wireless Computer Networks

This article will present an analysis of security levels of wireless home networks based on IEEE 802.11 standard. The analysis of security implementation will be done on the basis of activated security checks available to end users in order to protect their own wireless system to the full. The analysis will encompass average users as regards to their knowledge of network communication systems and implemented security checks. The end result, i.e. a realistic picture of the way end users think about wireless computer network security, which in turn will have an impact on science and society in general, will enhance the awareness of possible ways wireless networks can be abused.

Continue Reading

Tags: , ,

23 December 2011 ~ 0 Comments

Analiza phishing email poruke “Obavijest za povrat”

Analiza phishing email poruke “Obavijest za povrat”

Posljednjih dana kruži e-mail poruka koja obaviještava čitatelja da je porezna uprava utvrdila da će čitatelju poruke isplatiti 857,88 kuna te se od čitatelja traži da otvori priloženi dokument “Povrat Obrazac.htm” koji je potrebno ispuniti. Kao pošiljatelj se navodi “Porezna upravat (povrat@porezna-uprava.hr)”

Continue Reading

11 November 2011 ~ 0 Comments

My Google Reader RSS subscriptions

I love RSS. I love Google Reader. I love my RSS collection!
I’ve been collecting this for some time now. This collection is not just a bunch of links but it’s a collection of carefully selected RSS channels. It contains almost 300 hundred RSS channels for web desing, UX and security. Most of the RSS channels are security related which include forensic analysis, exploits, malware analysis and PEN testinging.
Feel free to download this OPML and use it as you like it :)

Continue Reading

13 July 2011 ~ 0 Comments

The Framework of e-Forensics in the Republic of Croatia

The Framework of e-Forensics in the Republic of Croatia

With the development of information communication systems and the services they provide, the complexity of the organization of information within information systems is growing. The complexity itself contributes to the increase in the number of electronic incidents and affects the high demands of forensic procedure implementation. It is estimated that in the near future the number of electronic incidents will outgrow the number of classical criminal incidents both financially and quantitatively. Due to the things mentioned above, early identification, discovering and taking legal proceedings against the perpetrator of an electronic incident are necessary. It is necessary to investigate all electronic incidents adequately and promptly and adapt the legal framework and laws related to e-Forensics. e-Forensics is a relatively new discipline within which there is a low level of standardization and consistency. With the purpose of increasing the quality of performing e-Forensics and presenting the evidence in a possible judicial proceeding one has to define the legal framework of e-Forensics. The analysis of current legal standards and methods used to perform e-Forensics is presented in the paper as well as the proposal of performing e-Forensics with defined procedures and methods.

Continue Reading

30 January 2010 ~ 1 Comment

Hacking websites: The Series

Hacking websites: The Series

This is the beginning of the “Hacking websites” series which will try to explain why sites are hacked, how they are hacked and how to protect your website(s) from being hacked and broken. Motivated with rather discouraging results form Breach and WhiteHat security statistics reports I decided to start these series which will, hopefully, educate readers enough to protect their websites from top 10 vulnerability classes.

Continue Reading

Tags: ,

05 January 2010 ~ 0 Comments

Classification of Information System Hacking Tools

Classification of Information System Hacking Tools

In a process of hacking information system the attacker will be using one or more hacking tools to accomplish his objective. The hacking tools can be divided into two main categories: procedural classification and functional classification. Procedural classification describes which tools are use during seven steps of hacking attacker is going through. Functional classification is describing the main four categories based on the tools functionalities.

Continue Reading

12 December 2009 ~ 1 Comment

Hacking Information Systems: Tools of the trade

Hacking Information Systems: Tools of the trade

For every step of the hacking process one or more tools could be required for the attacker to complete his objective. Although there are thousand of hacking tools variations all of them can be categorized to 14 basic categories.

Although, when talking about “tools” many will think about software solutions. But in a broader sense, hackers toolkit is much more than just software and it can be anything from piece of paper and a pen to human activities for collection of sensitive information and the penetration into the target system.

Continue Reading

05 December 2009 ~ 3 Comments

Hacking Information Systems: The Seven Steps

Hacking Information Systems: The Seven Steps

Hacking an information system which can be a computer network, server or a web site collection can be, and it is, very complex procedure and different procedure for every information system. But in it’s essence follows the basic seven steps of hacking into some kind of information system. From basic scouting to full takeover these seven steps […]

Continue Reading