Any security evaluation involves three components:

* Preparation: In this phase, a formal contract is signed between an ethical hacker and the authority of the organization that contains a non-disclosure clause as well as a legal clause to protect the ethical hacker against any prosecution that he may face during the conduct phase. The contract also outlines the infrastructure perimeter, evaluation activities, time schedules, and resources available to him.
* Conduct: In this phase, the evaluation technical report is prepared based on testing potential vulnerabilities.
* Conclusion: In this phase, the results of the evaluation are communicated to the organization and corrective advice/action, if needed, is taken.

Explore More

What is “Clickjacking“? The latest Adobe Flash clipboard hijack attack

A new Web attacks is now in the wild. It’s named clickjacking – as discussed at the OWASP NYC AppSec 2008 Conference. Clickjacking is actually clipboard hijacking by adobe flash

Read More

Critical XSS Vulnerability in http://www.yangon.com.mm

PlanetCreator.Net’s Security Team Member has reported another critical XSS vulnerability on MM Search Engine http://www.yangon.com.mm These are some information from Vulneral Site http://www.yangon.com.mm: This vulnerability has been alerted to webmaster

Read More

Google Talk Cheats

With Google Talk being all the craze right now, some people hating it, and others loving it, I figured that I would post a list of tips and tricks for

Read More