Commentary
Content posted in August 2007
|
Mobile Computing Makes For Risky Business
Here's one we all already know -- mobile computer users take more security risks than office-bound computer users. A new survey shows just how risky their behavior is.
Small Business Lessons From Big Monster's Big Security SNAFU
How you handle news of a security breach can be as important to your business as how you handle the breach itself. And how you handle perception of your handling ranks just as high.
Most Small Businesses Are Security Over-Confident
That's what a new study says, anyway -- 80 percent of small to midsize businesses don't block (or, by implication, monitor) employee use of computers for file-sharing or use of USB devices, three-quarters allow unfettered Instant Messenging, nearly half don't even have spyware controls installed, and a staggering percentage don't regularly update what security software they do have. Yet most feel confident that their companies are protected.
Talking Trash
Shred up those papers and that trash! Or crooks can grab your business cash! And identities, trade secrets and anything else that's not micro-shredded or broken down into its component atoms.
Advice On Building A Better Password
We're always hearing that we need stronger passwords, but many people don't know how to craft a better, stronger password or they simply don't take the time to come up with some crazy complex string that they have no chance of remembering.
I was just talking with someone who gave me some great advice.
Weathering The Weather
Watch the news coverage of the Midwest floods and the toll they've taken on families, homes and holdings, and you can't avoid hearing -- and often -- from flood victims who discovered that their insurance didn't cover flood or landslide/mudslide damage. It's no great leap to extend those personal stories to small and mid-size business stories. How covered are you when a natural disaster strikes your business?
A Monster Of A Security Problem
Ever hire anybody via Monster.com? Ever look for a job there yourself? You may have an identity problem.
Facebook 'em, Danno!
Did you hear the one about how Facebook is costing the Australian economy $5 billion a year? And that's just lost productivity -- not the security risks Facebook exposes companies to.
Ready to Lock Up Your Employees iPods?
If you thought that you had your companys security concerns under control, you may have to think again. The widespread success of Apple's iPod is creating new security concerns for enterprises. Because it is equipped with 1G byte (or more) of memory and includes software to synch with a local PC, the handy little device has become a new entry way for hackers. Chances are that it has become just that at your company; securi
Pods Pose Possible Problems
Got employees? Then you've got iPods -- and you may have some security problems you haven't considered.
Take That Thumb Drive Out Of Your...
employees' hands. Not really, of course, the big-storage/small-bucks devices are just too convenient, too portable, too easy to use. All of which makes them too dangerous to use indiscriminately.
Beware IE and Excel Users!
With the exception of email, there are two applications most of us can't live without: an internet browser and a spreadsheet. With Microsoft's latest release of security patches, one must ask will they ever get it right? How does a small business manage their IT environment without constant fear?
MAXXED-Out
There are important small to mid-size business lessons in the big biz security breach at TJ MAXX. Chief among them: no matter how costly a security breach looks at first, it's going to get worse.
Steal This Notebook
I was sitting in a Chinese buffet restaurant the other day, dividing my attention between the potsickers on my plate and the activities of the businessman at a table across the room. We were the only two customers, although he was far from alone. Bluetooth-budded and Wi-Fi connected, he was carrying on conversations and speedtyping dat
Heads Up!
Turns out that one of the biggest computer vulnerabilities is all in your head. And your employees'.
And The Winnah Is!
Actually, the results of Wednesday's night's ClamAV Anti-Virus Fight club should read: And The Winnahs Are...
Security Slugfest TONITE!!!
The open source folks at Clam AntiVirus are taking all commercial comers in an anti-virus test-off at Linuxworld tonight.
SMB -- Security Means Bucks
How much is your business spending on information/computer/communications security? Odds are it's more than last year, maybe lots more, and not just because of inflation.
PDFs: Not Mighty
I hate PDFs. Always have. Probably always will.
Actually, I don't hate all PDFs. Printed-out PDFs are fine. Printing is what PDFs are for. But on the Web, PDFs are almost always a poor choice of format.
I thought I was pretty much alone in my "PDFobia", but apparently I've got company. Chris Nerney at Datamation has his own reasons for despising them.
IBM Lost His Data... A Follow Up Story
George is an ID theft victim whose personal data was potentially exposed after an incident involving IBM. While IBM has graciously extended its hand to help fix the problem, George hasn't been completely happy with how things are turning out. His story may have lessons for the rest of us.
CSO Heartland
Good news for security pros: salaries are up -- and they're up in the real world, not just Silicons Valley, Northeast, Northwest.
Bridge To Security
How many bridges, overpasses, tunnels do you and your employees drive over, under, through every day?
That's been on my mind the last couple of days as the Minneapolis bridge collapse and its physical infrastructure implications for other bridges, overpasses, buildings and everything dominated the news.
What Richard Clarke Was Really Saying At Black Hat
Don't let politics get in the way of progress. That was one of the key messages former U.S. counterterrorism advisor Richard Clarke delivered during his Black Hat keynote. Of course, Clarke has a colorful way of putting things.
One Degree Of Vulnerability Separation
No aspect of your business data is more than one degree removed from theft, cybercrime or compromise, and maybe it can't ever be.
|
White Papers
Video
10 Comments
Current Issue
5 Emerging Cyber Threats to Watch for in 2019Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2019-8980
PUBLISHED: 2019-02-21
PUBLISHED: 2019-02-21
PUBLISHED: 2019-02-21
PUBLISHED: 2019-02-21
PUBLISHED: 2019-02-21
From DHS/US-CERT's National Vulnerability Database CVE-2019-8980
PUBLISHED: 2019-02-21
A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.
CVE-2019-8979PUBLISHED: 2019-02-21
Koseven through 3.3.9, and Kohana through 3.3.6, has SQL Injection when the order_by() parameter can be controlled.
CVE-2013-7469PUBLISHED: 2019-02-21
Seafile through 6.2.11 always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks.
CVE-2018-20146PUBLISHED: 2019-02-21
An issue was discovered in Liquidware ProfileUnity before 6.8.0 with Liquidware FlexApp before 6.8.0. A local user could obtain administrator rights, as demonstrated by use of PowerShell.
CVE-2019-5727PUBLISHED: 2019-02-21
Splunk Web in Splunk Enterprise 6.5.x before 6.5.5, 6.4.x before 6.4.9, 6.3.x before 6.3.12, 6.2.x before 6.2.14, 6.1.x before 6.1.14, and 6.0.x before 6.0.15 and Splunk Light before 6.6.0 has Persistent XSS, aka SPL-138827.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2019 UBM, All rights reserved
Tweet This