Blog Posts Tagged with "SysAdmin"
The CERT Guide to Insider Threats
May 07, 2012 Added by: Ben Rothke
While there are many books on important security topics such as firewalls, encryption, identity management and more, The CERT Guide to Insider Threats is one of the first to formally tackle the devastating problem of trusted insiders who misappropriate data...
Why Do You Need Privileged Identity Management?
May 01, 2012 Added by: DHANANJAY ROKDE
Most access provided is typically role-based. However, many forget to consider factors like data classification and ownership. Network, system and database managers get access to what they are responsible for, but there are five questions that need to be asked...
On Network Segmentation Faults
April 11, 2012 Added by: Jack Daniel
Why should you segment? Network and systems management can be enhanced by segmentation and isolation, as can performance - patch and systems management servers, departmental servers, printers and more can be placed in the most advantageous segment of the network...
Security Depends on IT Maturity
March 19, 2012 Added by: Robb Reck
Signs of an organization’s security fitness in metrics like patch levels, web application vulnerabilities, and firewall configurations. But in order to see the real state of our security programs, we need to include measures that capture the state of IT governance overall...
Implementing Least Privilege
March 16, 2012 Added by: Ben Rothke
Least privilege is the notion that in a particular abstraction layer of a computing environment every module - such as a process, a user or a program depending on the subject - must be able to access only the information that is necessary for its legitimate purpose...
Going Back to the Stack
March 15, 2012 Added by: Wendy Nather
If you have parts of your infrastructure outsourced, go over your contracts with your providers. You want them to be able to give you logs within a few minutes of the request and have the right technical support without fighting your way through first-level script-readers...
User Assisted Compromise (UAC)
February 09, 2012 Added by: Rob Fuller
You have to wait for the user to use UAC (this does not work if someone else does, it's only for the current user HKCU). But, as a side benefit, it's a very real form of sneaky persistence as well, as it will execute our evil binary every single time they use UAC...
Four Reasons to Use a Vulnerability Scanner
February 02, 2012 Added by: Dan Dieterle
A vulnerability scanner is a tool that can automatically scan your network and the systems connected to it, examining each one for vulnerabilities that could be exploited. Malicious users frequently use scanners to hunt for ways to compromise your systems...
Popular Dedicated Linux Distributions and Tools
January 17, 2012 Added by: Bill Gerneglia
There are Linux distributions dedicated to multimedia editing, monitoring, security testing, and basic system administration. Here are some specialized open source Linux distributions that can be used by the IT admins to perform their job with some free sophisticated tools...
Separation of Duties for System Administrators
January 09, 2012 Added by: Rafal Los
How do our organizations treat administrators (more specifically highly privileged users) when they are removed from active duty? It seems that in large organizations the issue is easier to at least draw a line around than in smaller orgs - but the problems remain...
Data Loss Prevention: Step 2 - Manage Privileges
December 14, 2011 Added by: Rafal Los
Getting back to basics is critical, and one of the most basic of basics is managing the rights to your data, your systems, and your critical operations. Let's take a critical, step-by-step look at how managing privileges can greatly decrease your likelihood of leaking data...
Memory Forensics: Pull Process and Network Connections from a Memory Dump
November 23, 2011 Added by: Dan Dieterle
From the output of the command, we see the physical memory location, process name and the PID number of all processes that were running. This helps deduce if something was running that should not have been and allows you to view programs that may be running under the process...
Mass Disclosure of Vulnerabilities in SAP
November 22, 2011 Added by: Alexander Polyakov
This month ERPScan specialists published eight vulnerabilities of different criticality found in SAP products. The vulnerabilities represented almost all risks from the OWASP Top 10, from path traversal and XSS to authorization bypass and code injection...
IBM AS400 (I-Series) Key Controls for User Accounts
November 10, 2011 Added by: Kevin Somppi
It is impossible to prove that a platform or program has no bugs; however, if you take the time to reasonably test and find the obvious vulnerabilities, and challenge the access which your user community has been granted, you stand a better chance of not being compromised...
Why a Data Flow Map Will Make Your Life Easier
October 24, 2011 Added by: Brent Huston
It’s impossible to protect everything in your environment if you don’t know what’s there. All system components and their dependencies need to be identified. This isn’t a mere inventory listing. Adding the dependencies and trust relationships is where the effort pays off...
AmEx Secures Website Admin Debugging Panel Error
October 06, 2011 Added by: Headlines
“An attacker could inject a cookie stealer combined with jQuery’s .hide() and harvest cookies which can, ironically enough, be exploited by using the admin panel provided by sloppy American Express developers," Femerstrand explained in a blog post...