Archive of posts filed under the General category.
Infosec Introverts
ComputerWorld’s Best Careers for the Introverted IT Pro article caught my eye. Information Security Analyst is one of the suggested jobs. Laurence Shatkin, author of 50 Best Jobs for Your Personality, says, “This career is so focused on data and, to a lesser extent, on hardware that it offers many opportunities for solitary work.” This …
XPiration.
The SANS blog post today about an AVG false positive in Windows XP reminded me that we’re just over a year away from XPiration. (Think that will be a hashtag next year?) So I’m getting an early start on the tech media flood of articles on the impending end of support for Windows XP. On …
LastPass Enterprise Updates
A couple of good updates if you’re a LastPass Enterprise customer. The LDAP sync utility version has been updated and will now run as a service. Before, it ran as an application, and that didn’t work well for me. The LDAP sync talks to your directory and updates new users and disabled/deleted users according to …
Self Encrypting Drives
For protecting data at rest on hard drives, hardware encryption has long been forecast to surpass software-based encryption. At first the problem was having enterprise manageability and single sign-on with a Windows account. There are now several different management platforms for self-encrypting drives (SED). Then the issue was compatibility. The Opal standard should rectify …
Java 7 update 11 released
Java 7 update 11 has been released, patching the latest zero day. Since Friday, it’s been hard to turn on the news without hearing about this Java vulnerability and Homeland Security’s advice to disable or remove Java. Now you don’t have to potentially denial of service yourself to be protected from this attack. Disabling the browser …
No glitch, just poor key management
Imagine my surprise when I opened today’s Washington Times and saw an above the fold article titled “Glitch Imperils Swath of Encrypted Records.” It’s already getting pretty deep. “In the worst-case scenario, most of the data on the servers of every company in the developed world gets wiped out,” Tatu Ylonen, chief executive officer of SSH …
Preventing Phishing the Company From Your Domain
If a phish or spam comes into your company with a From address of your company’s domain, recipients may be more likely to take action. That quick decision can lead to compromised computers. Coca-Cola found itself the victim of a hack when an email masqueraded as Coca-Cola’s chief executive, sending an email to Paul Etchells, Coca-Cola’s deputy president …
The New Playbook
In his book “Advanced Persistent Threat,” Eric Cole tells a story about his son’s basketball team. They lost every single game. The coach didn’t understand: 15 years ago, when he coached, these plays worked great. Do you ever feel like that coach? You’re running an old playbook and you just don’t understand what is happening. A lot …
We’re All Infected
*** Walking Dead spoilers for episode 1 of this current season *** I’m reading Advanced Persistent Threat by Eric Cole. It came out on November 27th in paperback form for $50 (seriously, is this priced for college bookstore use?). It will be available on December 27th for Kindle but only at a $10 discount. I may have a …