Palisade Magazine
 
Pharming on the Net

March 2006

Pharming on the Net

by Nilesh Chaudhari, CISSP

You must be well aware of phishing and its potential to cause damage. They bait bank customers with genuine looking emails and manage to usurp money or personal information from unsuspecting customers with reasonable success. Pharming is phishing on steroids.… more →

Security issues in 'Remember Me' feature

by Shah Nawaz

Most web sites that deal with sensitive personal information of users, require them to authenticate themselves with valid usernames and passwords. If the login credentials contain long digit card numbers or a series of complex passwords, users often find it difficult to remember the credentials. Thus they turn to the browser to help them remember login credentials. Let’s take the security issues that arise due to this feature.… more →

Thick Client Application Security - Attacks

by Balaji V

Traditional two-tier thick client applications are vulnerable to several attacks. This two part series will discuss the attacks and defenses for them. In this first part, we focus on the different attack techniques and tools.… more →

QuizQuiz: Email Address Harvesting

Which is/are the secure methods, among given options, to prevent email addresses harvesting?

  1. Re-format/ munging address
  2. Substitute ASCII codes in address
  3. Obscure address through javascript
  4. Hide address in image
  5. Options 3 and 4

more →

On the blog recently

Past quizzes

  • Dec '05 : What’s the best strategy to validate the inputs in our application?
  • Jul '06 : Which of these techniques helps in preventing passwords being stolen from the browser?
  • Mar '05 : Which is the best method for implementing the Forgot Password feature?
  • Jul '04 : What is the cryptographic technique to use for transmitting passwords during authentication?
  • Aug '06 : An attacker enters a long nasty looking string into the date field. The input overwrites parts of the running program and executes commands on the server. What type of attack just took place?

Search this website

 Search website

Stay Informed

Want to know when the new issues are out? Just fill in your details, we will take care of notifying you when new issues are released:




Subscribe  Unsubscribe

Write to Us

All flowers, brickbats and suggestions are welcome. You can put in yours on the feedback page.

News & Events

  • 03.03.10. Binu Thomas, CTO Plynt, presented at the RSA Conference 2010 on the topic “Application Security Across the Enterprise: Lessons from the Trenches”. This is the fifth time Paladion has been invited to present here.
  • 25.12.09. Plynt has been selected as a finalist for Red Herring’s Global 100 award, a prestigious list honoring the year’s most promising private technology ventures from around the world.
  • 10.12.09. Deloitte Fast 50 India features Paladion 4 years in a row. The ranking of the 50 fastest growing technology companies places Paladion in the 19th spot.
  • 21.05.09. ICICI Bank and Paladion Have Been Awarded the Best Banking Security Systems Project by the Asian Banker IT Implementation Awards Program
  • 20.04.09. Info Security Products Guide Names Plynt Certification Program Winner of the 2009 Tomorrow’s Technology Today Award