Blog Posts Tagged with "Remote Access"
Making Sense of Split Tunneling
January 20, 2013 Added by:Patrick Oliver Graf
Split tunneling is not a new concept in the realm of remote access networking. The technology emerged in the 1990s to allow VPN users to access a public network and a LAN or WAN simultaneously. But despite this longevity, its merits and security continue to be disputed...
Comments (1)
BYOD: Mobile Security Tips for Small Businesses
September 16, 2012 Added by:Robert Siciliano
If you choose to use your personal device for work purposes, at any time, for any reason, your employer will more than likely want control over that device. This means that, again, your employer may have remote capabilities to monitor activity wipe your device’s data...
Comments (1)
The Risks from a Lost or Stolen Mobile Device
August 13, 2012 Added by:Robert Siciliano
Mobile devices are on the move, meaning they can more easily be lost or stolen and their screens and keyboards are easier targets for “over the shoulder” browsing. When we lose our phones, we think about the pain and cost of replacing the device. But that’s just the tip of the iceberg...
Comments (0)
The Rise of Multi-Platform Malware
July 12, 2012 Added by:Pierluigi Paganini
Using a JAR, the malware is able to identify the OS and download the right files to infect the targeted machine. After identifying the type of operating system a unit is running, a Java class file will download the appropriate malware, with the purpose to open a backdoor to allow remote access to the machine...
Comments (0)
How to Save Your Photos from a BYOD Security Policy
June 24, 2012 Added by:Brent Huston
One of the more common rules is to enable the remote wipe and lock feature. This means that if your device was ever stolen or compromised, the IT department can remotely lock the device and then wipe any data from it. And yes, that would include all of your photos as well as other items...
Comments (0)
Bionic M2M: Are Skin-Mounted M2M the Future of eHealth?
May 19, 2012 Added by:Danny Lieberman
As their computing capabilities develop, current trusted computing/security models will be inadequate for epidermal electronics devices and attention needs to be devoted as soon as possible in order to build a security model that will mitigate threats by malicious attackers...
Comments (0)
Protecting Data in Use
April 26, 2012 Added by:Simon Heron
The security of data in use is about risk mitigation. However, with the current targeted attacks and the proliferation of zero day threats, the risk level is high. It is necessary that action is taken to implement the required precautions that reduce the risk to an acceptable level...
Comments (0)
ICS-CERT: 3S-Software CoDeSys Improper Access Control
April 10, 2012 Added by:Infosec Island Admin
ICS-CERT is aware of a public report of improper access control vulnerability affecting 3S-Software CoDeSys which could allow an attacker can upload unauthenticated configuration changes to the PLC which may include arbitrary code...
Comments (0)
Cisco Releases Multiple Security Advisories
March 15, 2012 Added by:Headlines
The Cisco AnyConnect ActiveX control contains a buffer overflow vulnerability which can allow a remote attacker to convince a user to view a specially crafted HTML document, and the attacker may be able to then execute arbitrary code...
Comments (0)
ICS-CERT: xArrow SCADA HMI Multiple Vulnerabilities
March 07, 2012 Added by:Infosec Island Admin
ICS-CERT is aware of a public report detailing multiple vulnerabilities with proof-of-concept (PoC) exploit code affecting xArrow, a supervisory control and data acquisition/human-machine interface (SCADA/HMI) product that are are remotely exploitable...
Comments (0)
Twelve Security Best Practices for USB Drives
March 06, 2012 Added by:Kelly Colgan
Portable and mobile storage devices are significant players in most corporate offices. Ensuring proper protection with a best practices policy and strict enforcement offers significant risk reduction—and can prevent long nights on data breach investigations...
Comments (1)
Adobe Releases Critical Updates for Flash Player Vulnerability
March 06, 2012 Added by:Infosec Island Admin
Adobe has released critical updates for Android, Windows, Linux and Solaris operating systems to mitigate vulnerabilities in the company's Flash Player software that may have allowed attackers to inflict a denial of service or take control of a targeted system...
Comments (0)
A Structured Approach to Handling External Connections
February 27, 2012 Added by:Enno Rey
The approach to be developed is meant to work on the basis of several types of remote connections in which each determines associated security controls and other parameters. At the first glance, not overly complicated, but – as always – the devil is in the details...
Comments (0)
ICS-CERT: 7Technologies TERMIS DLL Hijacking
February 21, 2012 Added by:Infosec Island Admin
The 7T TERMIS software is vulnerable to DLL Hijacking. An attacker may place a malicious DLL in a directory where it will be loaded before the valid DLL. This vulnerability may allow execution of arbitrary code and may be exploitable from a remote machine...
Comments (0)
ICS-CERT: Advantech BroadWin WebAccess Vulnerabilities
February 10, 2012 Added by:Headlines
ICS-CERT is aware of a public report about an RPC server vulnerability with proof-of-concept (PoC) exploit code affecting the Advantech BroadWin WebAccess software, a supervisory control and data acquisition/human-machine interface (SCADA/HMI) product...
Comments (0)
ICS-CERT: Invensys Wonderware HMI XSS Vulnerabilities
February 09, 2012 Added by:Headlines
Researchers Billy Rios and Terry McCorkle have identified cross-site scripting (XSS) and write access violation vulnerabilities in the Invensys Wonderware HMI reports product that could result in data leakage, denial of service, or remote code execution...
Comments (0)
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform
- Mobile Security Processes Could Be Applied to Medical Devices: Bluebox
- The Emperor Is Naked!
- Infographic: Keeping Web Applications Safe
- Do You Have a Vendor Security Check List? You Should!