General

03b2ceb73723f8b53cd533e4fba898ee

Wrong response to zero day attacks exposes serious risks

October 22, 2012 Added by:Pierluigi Paganini

Recent revelations on Flame raise the question on the efficiency of zero day vulnerabilities, software bugs that hackers exploit to avoid security defenses on targeted systems. The real problem when we talk about zero-day is related to the duration of the period in which hackers exploit the vulnerability...

Comments  (0)

4eb356e09746aadc2f4800877e8c24e8

Sidestepping Microsoft SQL Server Authentication

October 21, 2012 Added by:Brandon Knight

Penetration testers love compromising systems during assessments, and the most important portion of a penetration test is getting access to critical data and systems. So, post exploitation I generally head for the database servers. Depending on the permissions of the target there may be another hurdle to bypass...

Comments  (2)

942a200514c2a9d79858ce6355c40614

Top Ten Ways to Prevent Data Breaches

October 11, 2012 Added by:Paul Kenyon

Users with admin rights are loose cannons -- you just don’t know when or where they are going to strike, and the results can be devastating to the company’s security infrastructure. Once a problem occurs, it often unravels into a downward spiral taking your business - and reputation - down with it...

Comments  (3)

4de72ea3c29fd5b60b5b95627242871a

Data is the New Perimeter for Cloud Security

September 12, 2012 Added by:Mike Gault

The security market in 2012 is estimated at $60 billion, yet adding more layers of perimeter security may be completely useless against a determined sysadmin working on the inside. The end result is that your data might or might not be secure – you simply have no way to prove it...

Comments  (0)

F29746c6cb299c1755e4087e6126a816

The Data Compromise Evolutionary Clock Is Ticking

August 22, 2012 Added by:Kelly Colgan

The digitization of medical records may make folks queasy, but it is also efficient, offering an opportunity to save both money and lives. It is in fact inevitable. Unfortunately, so are data breaches and the identity compromises that follow. We need to be deadly serious because lives are at literally at stake...

Comments  (0)

B451da363bb08b9a81ceadbadb5133ef

Oracle Security Alert Analysis

August 19, 2012 Added by:Alexander Rothacker

So, what is this new vulnerability all about? It’s a privilege escalation vulnerability that gives an attacker SYSDBA privileges. In order to perform the exploit, one needs to have CREATE TABLE and CREATE PROCEDURE privileges as well as EXECUTE privileges on DBMS_STATS package...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Ticking Time-Bombs: Production Data in Non-Production Systems

August 03, 2012 Added by:Rafal Los

While it's not really OK to have a vulnerable application sitting out on the 'net, at least if it's in "stage" mode it shouldn't have real data... right? Unfortunately this wasn't the case in many of the incidents I experienced. It's time to remind ourselves that anything that is accessible should be well protected...

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

Big Data Analytics: On Structured and Unstructured

July 08, 2012 Added by:Ben Kepes

Analysis of unstructured data is the hot topic these days – organizations are lured by the promise of deriving huge incremental value by gaining insights from crunching vast pools of seemingly random numbers to determine patterns and trends. It’s not a huge surprise that structured data analytics gets forgotten...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Two-Thirds of Management Don’t Know Where Their Data Is

June 25, 2012 Added by:Headlines

“The most disturbing findings were the number of companies that report they have no way to track what data is being stored in the cloud, no process to manage access to that data (or plans to do so), and that management doesn’t know where enterprise data is stored. This should act as a wakeup call for organizations..."

Comments  (1)

65be44ae7088566069cc3bef454174a7

Disposal Dummies Cause Privacy and Security Problems

June 21, 2012 Added by:Rebecca Herold

Information disposal is now a legal requirement for basically all businesses of all sizes, and it simply makes sense to dispose of information securely as an effective way to prevent breaches. Having effective disposal policies, procedures and technologies in place demonstrates reasonable due diligence...

Comments  (1)

02a6d0efd54c7388e26f125d8df83671

Top Five Fundamentals of Network Security

June 14, 2012 Added by:Megan Berry

There are many factors that can bring down your networks and compromise data, including criminals, carelessness and disgruntled employees. The hardware, software, and policies that make up the layers of network security defend your company’s systems from these threats. What are the most common threats?

Comments  (1)

7fef78c47060974e0b8392e305f0daf0

NIST Conducts Big Data Workshop

June 14, 2012 Added by:Infosec Island Admin

In this first NIST 'Big Data' workshop, key national priority topics will be explored, including examples from science, health, disaster management, security, and finance. At the same time, topics in emerging technology areas including analytics and architectures will also be discussed...

Comments  (0)

65be44ae7088566069cc3bef454174a7

Big Brother Likes Big Data: Balancing Privacy with Innovation

June 05, 2012 Added by:Rebecca Herold

Big Data and associated analytics can be used to improve business and customer experiences and bring innovation and medical breakthroughs. However, organizations must make sure they don’t cross that line of customization and business improvements into creepiness and full-blown privacy invasion...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Ensuring Data Integrity via Checks, Tests, and Best Practices

June 04, 2012 Added by:Fergal Glynn

As a process, data integrity verifies that data has remained unaltered in transit. As a state or condition, it is a measure of the validity and fidelity of a data object. As a function related to security, means information is exactly as it was inputted and is auditable to affirm its reliability...

Comments  (0)

959779642e6e758563e80b5d83150a9f

How to Secure Patient Data in a Healthcare Organization

May 23, 2012 Added by:Danny Lieberman

If you are a HIPAA covered entity, securing patient data is central to your business. If you are a big organization, you probably don’t need my advice. If you are small to mid-size provider without a large budget, the question is “How can I do this for as little money as possible?”

Comments  (0)

145dfdfe39f987b240313956a81652d1

Small Merchant Data Security: Helping Them Help Themselves

May 17, 2012 Added by:Stacey Holleran

Many small merchants—whether selling online or brick-and-mortar, or both—don’t have the technological background to understand the steps necessary for protecting the cardholder information and other sensitive data that passes through (and may be stored in) their business systems...

Comments  (0)

Page « < 2 - 3 - 4 - 5 - 6 > »