Blog Posts Tagged with "Operating Systems"
Do Too Many Controls Increase Risk?
January 09, 2011 Added by:Mark Gardner
Implementation of controls such as IDS / IPS / AV or non-technical controls such as screening of individuals are examples of controls that may work on implementation, but unless they are updated or re-screened over time, they do not take account of changes in circumstances...
Comments (1)
Fake Windows Security Update Spreading Malware
January 04, 2011 Added by:Headlines
A fake security update notification for Windows is spreading malware code that installs an auto-run worm on PCs. There may be other versions of the email circulating which may contain variances in the sender, subject line, file name and email text. The content of the email is as follows...
Comments (0)
Hackers Crack the PS3 and Multi-touch iPod Nano
January 03, 2011 Added by:Headlines
The PS3 has been a veritable fortress since it came on the market in 2006, but a team of hackers has found a vulnerability in the unit's software that allows a bypass of the console's operating system...
Comments (0)
Is Sandboxing the End-All Solution?
January 01, 2011 Added by:Dan Dieterle
When you have millions of lines of code, like you have in an Operating System, you will have bugs. Hackers can use these coding bugs to create exploits. Microsoft and Adobe products have been a favorite target for hackers. But how do you protect software from hackers when there are unknown bugs?
Comments (1)
Complete PCI DSS Log Review Procedures Part 5
December 26, 2010 Added by:Anton Chuvakin
This section covers periodic log review procedures for applications in scope for this project. Such review is performed by either application administrator or security administrator. The basic principle of PCI DSS periodic log review is to accomplish the following...
Comments (0)
Using Temporary Files in Linux Scripts Securely
December 07, 2010 Added by:Jamie Adams
Some sysadmins who write scripts might store sensitive data in temporary files, don't restrict access to temporary files, and might forget to remove them from the system when they are no longer needed. In many cases, they use them when it isn't even necessary...
Comments (0)
Sandboxing: Understanding System Containment
November 29, 2010 Added by:Jamie Adams
The idea of containment within an operating system is sometimes referred to as sandboxing. Some of the more popular technologies specifically designed to accomplish this come to mind: FreeBSD jails, Solaris Containers (including Solaris Zones), and SUSE Linux's AppArmor...
Comments (5)
LISA 2010: OS Security In The Cloud
November 21, 2010 Added by:Jamie Adams
Unused services should and must still be disabled, discretionary access controls tightened, and regular software updates applied. The same holds true when it comes to operating system images deployed in the cloud...
Comments (0)
Mac Users Get Massive Security Wake Up Call
November 18, 2010 Added by:Headlines
Mac users, who have have long been used to lambasting Windows users over security issues, are getting a big dose of exploit reality this week as Apple releases fixes for 134 vulnerabilities. The record-breaking patch release for Mac OS dwarfs Microsoft's record of 49 patches...
Comments (0)
Which Linux or UNIX Version Am I Running?
November 17, 2010 Added by:Jamie Adams
Linux distributions are built off of standard kernels but are packaged and bundled differently. Some distributions are Debian-based while others might be Red Hat-based. The collection of packages and how the packages were compiled and delivered are what make Linux distributions unique...
Comments (2)
Mac Users Beware
November 12, 2010 Added by:Mark Baldwin
There is a widespread belief that Mac OS X is inherently more secure than Windows and that by using a Mac, one is protected from all threats. Unfortunately, not only is this not true, it is dangerous, as it leads people to not take appropriate precautions to protect their computers...
Comments (1)
Dangers of Self-Managed Development Environments
November 03, 2010 Added by:Jamie Adams
I have seen developers relax security controls during unit development only to be bewildered when full integration testing fails. Many database administrators have strict controls which developers must adhere to. Why isn't it the same when it comes to base operating system resources?
Comments (3)
Using Windows XP Drop My Rights Utility
October 25, 2010 Added by:Robb Reck
Drop My Rights is a free Windows XP utility offered by Microsoft that allows you to be logged into your computer as an administrator while running high risk programs like Internet Explorer, Firefox and Outlook with reduced privileges...
Comments (2)
Implementing Linux File Systems Sensibly
October 13, 2010 Added by:Jamie Adams
Linux file systems are an essential operating system resource. Modern file systems and disk drive technology are robust and reliable — so, most administrators put little effort into planning or worrying about them once the operating system is configured. This makes me both smile and cringe...
Comments (4)
Broken Links in Linux File Systems Can Be BAD
October 10, 2010 Added by:Jamie Adams
Broken links are not only annoying little Tribbles which consume file system resources, they also pose a security risk in the form of a Trojan Horse. A good system administrator will try to control these by using best practices, common sense, and educating their users...
Comments (0)
Keeping Linux File Systems Clean and Secure
October 06, 2010 Added by:Jamie Adams
The term clean is also associated with performing file system checks to ensure structural integrity with tools such as fsck.ext3(8). In addition to these critical activities, you should routinely "clean" file system access controls — ownerships and permissions...
Comments (0)
- Edge Computing Set to Push Security to the Brink
- Make It So: Accelerating the Enterprise with Intent-Based Network Security
- Threat Horizon 2022: Cyber Attacks Businesses Need to Prepare for Now
- Why the Latest Marriott Breach Should Make Us "Stop and Think" About Security Behaviors
- Examining Potential Election Vulnerabilities: Are They Avoidable?
- Google Skips Chrome 82, Resumes Stable Releases
- Benchmarking the State of the CISO in 2020
- Cyberattacks a Top Concern for Gov Workers
- Hackers Target Online Gambling Sites
- When Data Is Currency, Who’s Responsible for Its Security?