Ever use the phrase that looking for something was like “finding a needle in a haystack”? If you’ve ever seen (or especially played in) a haystack then you understand the magnitude of that challenge. This also applies to IT security when trying to uncover who or what was able to access confidential information and either steal, damage or delete it altogether.
This week I was invited to lend my “expert thoughts” on a recent news piece on a UK intelligence agency which has opened up their hiring practices to include an online code cracking competition. The team over at CNN’s Situation Room thought this was an interesting concept and invited me in for a quick discussion….
Remember the scene in Jerry Maguire where he has returned to his office to collect his stuff, after learning he has been let go, and he has a bit of a freak-out on the way out the door, grabbing the goldfish and making bold claims about the company he is going to build that will…
|Exploit Impact:||Remote Code Execution
The economy of cyber-crime is all too real—and too enticing. No longer sequestered to dark alleys and seedy bars, data thieves have almost unlimited options to market their ill-gotten wares to potential buyers. What this means to employers and organizations: the temptation to access and “appropriate” sensitive data may be too great for some to resist.
What does influenza, 0day viruses and least privilege have in common you may ask? Besides just being a cool title to get you to read this blog, it turns out that natural mutations, the fear of the unknown and reducing attack surfaces is the short answer. The long answer is best understood by first reading…
We’ve talked about least privilege throughout thisblog over the past two years at length, but why should a desktop user care? Ultimately, a user needs admin rights on the desktop to
No, I’m not talking about the Mars candy, funny characters pervasive on your TV, or even the legendary brown ones from a Van Halen concert rider.
Microsoft has included recovery capabilities with every release Active Directory (AD) from Windows Server 2000 on. There is a saying that has been around in IT for a long time, “An administrator is only as good as their last backup”. This is because accidental deletions of a single user object to the removal of hundreds…