Vulnerabilities

October 17, 2017

Not the best week for security protocols and technologies

The past few days have not been particularly good ones for the technology community.  First, we learned that the increasingly fragile WPA2 protocol has some glaring […]
May 31, 2011

Just ask Sony…

Why should you take your organization’s information security posture seriously? Just ask Sony.  It has been estimated that Sony will spend more than $170 million dollars due to […]
April 29, 2011

Reactive Security: Feel the pain in 2011+

We are only one third of the way into 2011, but we have had some of the largest information security breaches of the decade – and […]
March 31, 2011

Maintaining Good Security Practices

Security is not just a state of being. We are often called to provide an assessment about our present security posture, and usually, the person asking […]
May 10, 2010

It’s Time to Re-evaluate Host-based Security

I’ve said it for a few years now, but host-based antivirus is really not working out anymore.  Not with its reliance on signatures to detect malware. […]
April 15, 2010

The InfoSec Perspective for April 2010

It has been a busy month or so for information security.  Apple has patched a vulnerability that was showcased in a recent hacking contest, Microsoft has […]
December 5, 2006

Zero-Day Tracker from eEye Digital Security

The folks at eEye Digital Security have put together a website that tracks various zero-day vulnerabilities, and offers analysis and remediation recommendations.  The site is called Zero-Day Tracker, and […]
October 20, 2006

Security: Product vs People and Process

One of the hardest concepts to emphasize concerning Information Security is that people and processes are more critical to your overall security posture than products are.   […]
October 18, 2006

Oracle’s Patch Updates

October 2006 is going to be a major month for Oracle.  First, the database and middleware powerhouse has made some significant changes to its patch management process. Secondly, […]