Database Security
The Dangers of Second Hand Hard Drives
August 24, 2011 Added by:Emmett Jorgensen
Whether you are planning on selling, recycling or throwing away your old hard drives, you should always consider using one of these solutions: destruction, degaussing, or secure data erasure. Otherwise, there's no telling whose hands you data may end up in...
Comments (2)
Anonymous Conspiracies That Never Materialize
August 12, 2011 Added by:Scot Terban
Data dumps without context have no real intelligence worth. While this stuff is interesting, it’s certainly not earth shattering. What’s worse is that it makes you all look more and more like the boy who cried wolf than the Deep Throat. This is why I keep harping on Anonymous...
Comments (0)
Native Auditing In Modern Relational Database Management
August 03, 2011 Added by:Alexander Rothacker
Modern databases provide powerful built-in auditing capabilities that are often underestimated. There are downsides of native auditing like the ability for a malicious user to manipulate the audit trail. Overall, this feature allows customers to monitor database activity at a very granular level...
Comments (3)
TeamSHATTER Analysis Of The July 2011 Oracle CPU
July 31, 2011 Added by:Alexander Rothacker
With ‘unbreakable’ timeliness, Oracle released their 27th Critical Patch Update. They shipped 78 security fixes over all their product families. Sixteen of the fixes are specific to the Oracle Database, but a total of 30 fixes have an impact on database confidentiality, integrity or availability...
Comments (0)
Understanding the Customer is the Key to Success
July 27, 2011 Added by:Rahul Neel Mani
ArcSight which was acquired by HP last year was started when the Dot Com bubble had burst. CTO Forum talks to Hugh Njemanze, ArcSight Founder and VP & CTO, HP Security Solutions about the company’s journey so far and how the company has been able to sustain a robust growth...
Comments (0)
Russia Amends Federal Data Protection Law
July 20, 2011 Added by:David Navetta
In the past, some of the strict foreign data protection laws have not been rigorously enforced, giving businesses breathing room. The enforcement landscape is likely to tighten in the near future, however, increasing the risk of investigations and sanctions for privacy violations...
Comments (0)
Protecting Our Data
July 04, 2011 Added by:Michael Fisher
Do you provide unmonitored access to your data and IP? What is really at stake here? Can we afford the status Quo when it comes to security? Is this a rarity or an everyday occurrence? So many questions, so few answers. Intellectual Property needs to be protected like a new born baby...
Comments (8)
Avoiding The Next Big Data Breach
June 21, 2011 Added by:Alexander Rothacker
It’s incumbent on the individuals that are responsible for the security of the data to ride this wave of activity, raise awareness, and move their security projects forward. There is no reason these large breaches should be occurring, not when the solutions already exist...
Comments (0)
The NIST EMAP is Out
June 11, 2011 Added by:Anton Chuvakin
The Event Management Automation Protocol (EMAP) is a suite of interoperable specifications designed to standardize the communication of event management data. EMAP is an emerging protocol within the NIST Security Automation Program, and is a peer to similar automation protocols...
Comments (0)
File Sharing or Privacy Breaching Service? Beware!
May 22, 2011 Added by:Ron Lepofsky
Researchers investigated the privacy of 100 file hosting services and discovered that a large percentage of them generate download uniform resource identifier (URI) in an insecure manner, which jeopardizes the confidential and privacy of user data...
Comments (1)
The Bin Laden Raid and the May 15th Facebook Intifada
May 13, 2011 Added by:Dan Dieterle
Teams from 10 agencies are combining to sift through the sizable stash of data recovered from Osama Bin Laden’s compound, as intelligence experts look to get a handle on the former al-Qaeda leader and learn more about the group’s plans, according to a top Defense Department official...
Comments (0)
ERP Vulnerabilities Differ from Those at the Database Level
May 13, 2011 Added by:Alexander Rothacker
ERP applications are attractive targets because this software is present in all major organizations and across the whole enterprise. The backend database of these systems usually contains customer data and key company secrets, such as the logic for business processes...
Comments (0)
Data Security Explained in Simple Terms
May 05, 2011 Added by:Gurudatt Shenoy
The argument that devices can be stolen and thus cannot be fail-proof against data theft can be certainly countered by the fact that such devices can be detected quite early and rendered unusable, as compared to stolen passwords that are most often detected only once the damage is done...
Comments (2)
Advantages of Hosted Software and Data Security
April 14, 2011 Added by:Lindsay Walker
Every workplace has "super-users," people who can hack into systems and extract sensitive information. Having information stored offsite makes it challenging for anyone inside your organization to get their eyes on information they aren't permitted to see...
Comments (0)
Parallelized Data Mining Security
April 12, 2011 Added by:K.S. Abhiraj
Problems with protecting hosts from malicious code are understood. The problem posed by malicious hosts to entities and the environment is more complex. Since an entity is under the control of the executing host, the host can in principle do anything to the event and its code...
Comments (2)
Data Loss Prevention: Solution in Search of a Problem?
April 06, 2011 Added by:Ron Lepofsky
Pro-active DLP products stop potentially threatening situations from developing, and if they do occur it blocks, encrypts, and suggests reconfigurations on the fly. More comprehensive enterprise versions are highly integrated with many of these features all packed into one product...
Comments (0)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)