Posts Tagged ‘least privilege’
Internet Explorer 8 0day
Last week, news broke that the U.S. Department of Labor’s (DoL) website was compromised… and that it had been serving up Internet Explorer 0day to its visitors. This 0day, CVE-2013-1347 (Retina Audit 19041 – Microsoft Internet Explorer 8 Remote Code Execution Vulnerability (Zero-Day)), only affects Internet Explorer 8 on Windows XP, Vista, and Windows 7 (as well as Server 2003,…
Security Tools for IT
There is still a divide between the Security Operations Center (SOC) and the Network Operating Center (NOC). Security Operations is more strategic following security best practices to improve corporate security posture (based on business risk) and to ensure implementation of security policies and compliance. While IT is focused on network management, infrastructure availability and SLAs…
Least Privilege and South Korea
No, this isn’t some editorial piece about the interrelationships of varying social strata in South Korean society and Gangnam Style. Despite how interesting that may be, we are instead taking a quick look at the latest “wiper” malware to strike fear in the hearts of CTOs and IT admins alike – DarkSeoul (or Jokra or…
Oracle’s Java Hates Least-Privilege
Recently, there has been a lot of commentary and discussions about what to do about the state of security and the seemingly endless attacks that we are facing. There are, of course, many recommendations that are being made at a governmental level of how best to approach this problem through the use of information sharing…
IT Security’s Best Kept Secret – Hiding in Plain Sight
This blog post was first posted on Wired.com on January 22nd, 2013. It can be found, in it’s original formatting, here: http://insights.wired.com/profiles/blogs/it-security-s-best-kept-secret-hiding-in-plain-sight There’s a reason the old saying “an ounce of prevention is worth of a pound a cure” resonates in so many situations – because it’s true….
Don’t say “Lockdown”!
Here at BeyondTrust, we have been fortunate to be able to speak with thousands of security professionals in dozens of industries, and it is astonishing how differently organizations assess risk and approach computer security. Some organizations are very strict about security and are able to completely lock down desktops. Others are significantly more lax about…
5 ways to protect your sensitive data in the cloud – webinar with IBM
In 2 weeks, we’ll be hosting a live webinar with IBM’s Ed Bottini, Cloud Ecosystem Program Director and our own, Jim Zierick, EVP of Product Operations to discuss ways to protect your sensitive data in the cloud. We know cloud security is on everybody’s mind so be sure to join us on Tuesday, June 26 at 9AM-10AM PDT….
