Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Privileged Use Also a State of Mind, Report Finds
Oldest First  |  Newest First  |  Threaded View
SachinEE
50%
50%
SachinEE,
User Rank: Apprentice
5/28/2014 | 12:36:00 PM
Re: Privileged means bad
It can be misunderstood as curiosity but in real senses it poses a danger to an organization. Think of an external party getting advantage of the 'privileged few' curiosity escapades and they get to access important and sensitive information about the organization. Things concerning their clients' personal details, their financial dealings, plan for the organization. This can pose as a threat since competitors' will bank on the information and use it to their advantage.
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
5/28/2014 | 12:43:02 PM
Re: Privileged means bad
Absolutely. Even if these privileged insiders had no intention of sharing the information or leaking it, if they get targeted, then their credentials can be abused by the bad guys, etc. 
Bprince
50%
50%
Bprince,
User Rank: Ninja
5/28/2014 | 8:55:14 PM
Monitoring
Nice paper here from SANS on setting up database logging and monitoring:

http://www.sans.org/reading-room/whitepapers/application/setting-database-security-logging-monitoring-program-34222

Surprised that the percentage using tools to track insiders isn't close to 100 in this and every other study with all the products that are out there.

BP

 


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-37443
PUBLISHED: 2021-07-25
NCH IVM Attendant v5.12 and earlier allows path traversal via the logdeleteselected check0 parameter for file deletion.
CVE-2021-37444
PUBLISHED: 2021-07-25
NCH IVM Attendant v5.12 and earlier suffers from a directory traversal weakness upon uploading plugins in a ZIP archive. This can lead to code execution if a ZIP element's pathname is set to a Windows startup folder, a file for the inbuilt Out-Going Message function, or a file for the the inbuilt Au...
CVE-2021-37445
PUBLISHED: 2021-07-25
In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via logprop?file=/.. for file reading.
CVE-2021-37446
PUBLISHED: 2021-07-25
In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentprop?file=/.. for file reading.
CVE-2021-37447
PUBLISHED: 2021-07-25
In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentdelete?file=/.. for file deletion.