Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

Myth Bust: No One In My Enterprise Can Misuse Privilege

Myth Busters has become a TV phenomenon with great antics to prove or disprove commonly head “truths” as “urban legend, wife’s tale or grounded in fact-based truth. In today’s enterprise a common myth is that no one ever actually misuses the information technology (IT) privileges granted them. We thought we take a closer poke at…

Post by Peter McCalister January 17, 2011

Putting the Health Care Cart Before the Horse?

Health Information Exchanges (HIEs) are the latest buzz phrase to hit the compliance marketplace. In a recent post blogger, reported on the opinions of top IT experts, about the top Patient Health Care Information trends for 2011. Amongst a clear indication of increased breaches; imposition of fines and other regulatory action; as well as…

Post by Peter McCalister January 14, 2011

Motivation and Preparation

You probably already saw last month that a group called Gnosis hacked over 1 million rows of data from Gawker, claiming the organization had some of the worst security they could have imagined. Gnosis gained access to their database in one day and even Gawker said in an internal memo that they were largely caught…

Post by Peter McCalister January 13, 2011

Tell Us Your Patch Tuesday Story!

Please use the “Leave a Reply” function below and tell us your Patch Tuesday story for a chance to win a new Amazon Kindle and $25 gift card. Deadline to be entered into the VEF contest is Friday 1/14 at noon PST. Please note that all email/contact info will be kept private from public view,…

Post by The eEye Research Team January 12, 2011

Top 10 Reasons To Care About Who Has Privileged Access to Your IT

In the spirit of keeping blog posts informative, short and fun, this one takes a cue from David Letterman in format.

Post by Peter McCalister January 12, 2011

Microsoft Patch Tuesday – January 2011

The ebb and flow of Microsoft Security Bulletins continued this month, with a nice slow release of only two bulletins to follow up the record set in December. Unfortunately, neither of these two bulletins patched any of the zero-day vulnerabilities that are currently affecting Microsoft products. Microsoft continued to patch DLL preloading vulnerabilities, this time…

Post by Chris Silva January 11, 2011

Mozilla Breach and Privileged Users

If you have one of 44,000 inactive Mozilla accounts, you may have received a belated Christmas present on December 27th when the company sent out notifications of a potential leak of their account information. In this case the company was able to reassure those users there was virtually no possibility of any harm to them….

Post by Peter McCalister January 11, 2011

Your Password is What? I Thought That Was Second Base.

Who’s on first? What’s on second? I don’t know’s on third, and your password is Password?

Post by Peter McCalister January 10, 2011

BeyondTrust on WikiLeaks and Corporate Security

Earlier this month we were interviewed by Paul Rudo, chief blogger for

Post by Peter McCalister January 6, 2011

2010: The Year of Insider Threats and Misuse of Privilege

Increasingly difficult to thwart, attacks by people with legitimate access to an organization’s computers, devices and networks represent a growing problem across the globe.

Post by Peter McCalister January 5, 2011