Database Security

8a958994958cdf24f0dc051edfe29462

A New Way of Detecting Cybersecurity Attacks

January 04, 2013 Added by:Larry Karisny

Current IDS solutions have high instances of false positives and true negatives and are extremely costly to maintain. Current IDS solutions were not designed for today's hyper connected business processes with high volume of instances. Attempting to detect misuse or anomalous behaviors requires infinite numbers of rules, patterns or algorithms, which is not possible, and is therefore the cause of ...

Comments  (0)

F29746c6cb299c1755e4087e6126a816

Fraud Files: When Tax Fraud Won’t Go Away

December 11, 2012 Added by:Kelly Colgan

Though it could create procedural challenges for the IRS and the U.S. Postal Service, Congress could solve the problem by simply refusing to issue refunds before April 15. That way they could see who has duplicate returns filed, and investigate before signing over checks to the bad guys...

Comments  (0)

D03c28fd5a80c394905c980ee1ecdc88

E-mailing Passwords - Practice What You Preach

November 19, 2012 Added by:Bill Mathews

That’s right, I got an email with my username and password listed right there. That probably doesn’t anger normal people (let alone drive them to write an article about it), but I have never been accused of being normal so I’m pretty annoyed. Here, in no particular order, are my reasons for the anger and frustration...

Comments  (6)

6462807771e81d9c33eb99307f5f3e77

Modernizing Physical Security and Incorporating Best Practices Into New Assets

November 18, 2012 Added by:Michele Westergaard

Cyber security threats to the utility industry are increasing in number and sophistication. The North American Reliability Corporation (NERC) is increasing the Critical Infrastructure Protection (CIP) regulatory requirements to ensure facilities are meeting basic standards in this area...

Comments  (0)

942a200514c2a9d79858ce6355c40614

Admin Rights - Your Achilles Heel

October 31, 2012 Added by:Paul Kenyon

Every organization experiences user frustrations and complications that result in support calls to the help desk. While each call may seem to suggest a unique problem, there could be a common root cause amongst them. Help desk calls often seem to be black and white – the machine works and now it doesn’t...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Wrong response to zero day attacks exposes serious risks

October 22, 2012 Added by:Pierluigi Paganini

Recent revelations on Flame raise the question on the efficiency of zero day vulnerabilities, software bugs that hackers exploit to avoid security defenses on targeted systems. The real problem when we talk about zero-day is related to the duration of the period in which hackers exploit the vulnerability...

Comments  (0)

4eb356e09746aadc2f4800877e8c24e8

Sidestepping Microsoft SQL Server Authentication

October 21, 2012 Added by:Brandon Knight

Penetration testers love compromising systems during assessments, and the most important portion of a penetration test is getting access to critical data and systems. So, post exploitation I generally head for the database servers. Depending on the permissions of the target there may be another hurdle to bypass...

Comments  (2)

942a200514c2a9d79858ce6355c40614

Top Ten Ways to Prevent Data Breaches

October 11, 2012 Added by:Paul Kenyon

Users with admin rights are loose cannons -- you just don’t know when or where they are going to strike, and the results can be devastating to the company’s security infrastructure. Once a problem occurs, it often unravels into a downward spiral taking your business - and reputation - down with it...

Comments  (3)

4de72ea3c29fd5b60b5b95627242871a

Data is the New Perimeter for Cloud Security

September 12, 2012 Added by:Mike Gault

The security market in 2012 is estimated at $60 billion, yet adding more layers of perimeter security may be completely useless against a determined sysadmin working on the inside. The end result is that your data might or might not be secure – you simply have no way to prove it...

Comments  (0)

F29746c6cb299c1755e4087e6126a816

The Data Compromise Evolutionary Clock Is Ticking

August 22, 2012 Added by:Kelly Colgan

The digitization of medical records may make folks queasy, but it is also efficient, offering an opportunity to save both money and lives. It is in fact inevitable. Unfortunately, so are data breaches and the identity compromises that follow. We need to be deadly serious because lives are at literally at stake...

Comments  (0)

B451da363bb08b9a81ceadbadb5133ef

Oracle Security Alert Analysis

August 19, 2012 Added by:Alexander Rothacker

So, what is this new vulnerability all about? It’s a privilege escalation vulnerability that gives an attacker SYSDBA privileges. In order to perform the exploit, one needs to have CREATE TABLE and CREATE PROCEDURE privileges as well as EXECUTE privileges on DBMS_STATS package...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Ticking Time-Bombs: Production Data in Non-Production Systems

August 03, 2012 Added by:Rafal Los

While it's not really OK to have a vulnerable application sitting out on the 'net, at least if it's in "stage" mode it shouldn't have real data... right? Unfortunately this wasn't the case in many of the incidents I experienced. It's time to remind ourselves that anything that is accessible should be well protected...

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

Big Data Analytics: On Structured and Unstructured

July 08, 2012 Added by:Ben Kepes

Analysis of unstructured data is the hot topic these days – organizations are lured by the promise of deriving huge incremental value by gaining insights from crunching vast pools of seemingly random numbers to determine patterns and trends. It’s not a huge surprise that structured data analytics gets forgotten...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Two-Thirds of Management Don’t Know Where Their Data Is

June 25, 2012 Added by:Headlines

“The most disturbing findings were the number of companies that report they have no way to track what data is being stored in the cloud, no process to manage access to that data (or plans to do so), and that management doesn’t know where enterprise data is stored. This should act as a wakeup call for organizations..."

Comments  (1)

65be44ae7088566069cc3bef454174a7

Disposal Dummies Cause Privacy and Security Problems

June 21, 2012 Added by:Rebecca Herold

Information disposal is now a legal requirement for basically all businesses of all sizes, and it simply makes sense to dispose of information securely as an effective way to prevent breaches. Having effective disposal policies, procedures and technologies in place demonstrates reasonable due diligence...

Comments  (1)

02a6d0efd54c7388e26f125d8df83671

Top Five Fundamentals of Network Security

June 14, 2012 Added by:Megan Berry

There are many factors that can bring down your networks and compromise data, including criminals, carelessness and disgruntled employees. The hardware, software, and policies that make up the layers of network security defend your company’s systems from these threats. What are the most common threats?

Comments  (1)

Page « < 1 - 2 - 3 - 4 - 5 > »