If you have ever hired a Professional Services team to do an integration project, you know that it takes planning and tenacity to pull it through to the end. Depending on the breadth of the integration, the difficulty of accomplishing this varies. So, what makes an Identity Management integration […]
When configuring the Bacula client, we don’t need the full-blown Bacula installation, but just the bacula-client package that we can simply install by using the apt-get command. The client configuration consists of editing the /etc/bacula/bacula-fd.conf configuration file and ensuring that the name and the password in the Director definition […]
This article presents the core concepts of Bacula operation and management, which are integral parts of every Bacula backup solution and must be understood in detail. When using Bacula, we must first be up-to-date with the following Bacula terminology:
Director: the director’s name and the access password used for authentication […]
In this endeavor I’ve chosen to use Bacula backup software for the reasons outlined above. First we must talk about the Bacula server, but the outlined concept refers to all backup servers out there. There are multiple questions that need addressing: in a virtualized environment, should we back up our […]
Five Eyes and more
In the last twelve months, whistleblower Edward Snowden has revealed to the public how invasive the cyber strategy of the US government and its cyber allies, Canada, the UK, Australia, and New Zealand, is.
These governments cooperate intensively in signals intelligence, also known as SIGINT, […]
The particular exploits in this article take advantage of systemic query factory vulnerabilities, vulnerabilities which exist throughout an entire application’s SQL generation code, found in a deprecated version of OSCommerce’s development/unstable tree (specifically version 3.0.3 alpha) that were implemented by other developers into their own product’s stable tree. While […]
A few weeks ago, I wrote an article for 2600 Magazine. (If you’re curious, publication has been confirmed and you’ll probably see it in the Winter 2014-2015 issue.) The form email you get when you email an article submission says:
“We don’t recommend sending PGP encrypted articles as we frequently […]
A honeypot is a computer system that is expressly set up to attract and trap an attacker who is attempting to compromise the information systems in an organization. Honeypots can also analyze the ways in which attackers try to compromise an information system, providing valuable insight into potential […]
The cloud is expanding. More applications are being run online. More data is being stored online. More businesses are relying on public, private, and hybrid clouds for their apps, records, and backups. And more hackers are taking advantage.
Why Security Breaches Happen in the Cloud
Hackers aren’t attacking the cloud; the […]
In this article we will learn about one of the most important features introduced by Microsoft from the perspective of network access protection (NAP). We will also cover all the main concepts surrounding NAP and various design scenarios and best practices.
Network Access Protection (NAP) is a platform to check […]
1. Introduction
Creating a backup procedure is a very important aspect for a company, because a loss of data can result in great damage to the company, possibly even a company going bankrupt. Proper backup mechanisms are usually not in place or are poorly designed, which becomes evident once it’s […]
Security experts at Trend Micro have recently uncovered a hacking campaign dubbed “Operation Emmental” which targeted Swiss bank accounts with a multi-faceted attack.
Bad actors were able to bypass the two-factor authentication mechanism used by the bank to secure its customers’ accounts. The researchers at Trend Micro coded the campaign […]
Cyber insurance coverage has been available on the market for a decade, but only recently have companies seen significant growth: sales of cyber insurance in 2013 escalated 30 percent in comparison with 2012, according to Tracie Grella, the Global Head of Professional Liability for AIG.
Now cyber insurance is […]
Cloud computing is changing the way we interact with devices, software, data and processes. But some things never change, and one thing that remains true across the old and new computing paradigms is the importance of authentication to confirm the identity of the user and/or system with which we’re […]
At the beginning of this year, an Intermap poll found that cloud security is still a major obstacle to cloud adoption, with 40% of respondents still wary of going to the cloud for that reason, although many experts, such as the panel at the most recent RSA Conference, say […]
In the previous article, we configured the ModSecurity firewall with the OWASP Core Rule Set (CRS). But installing and configuring ModSecurity alone is not enough, as we are using the standard OWASP Core Rule Set. The common problem with the standard OWASP CRS is that it gives […]
Canadian Chinese Embassy spokesperson Yang Yundong can’t pull the wool over my eyes.
“The Chinese government has always been firmly opposed to and combated cyber attacks in accordance with the law. In fact, China is a major victim of cyber attacks,” he said on July 29th.
Mr. Yundong released that statement […]
When a cookie has the Secure flag set, it will only be sent over HTTPS, which is HTTP over SSL/TLS. This way, the authentication cookie will not be disclosed in insecure communication (HTTP). It turns out, however, that an insecure HTTP response can overwrite a cookie with the Secure flag […]
Tor is an acronym for “The onion router”, a system implemented to preserve online anonymity. Tor client software routes Internet traffic through a worldwide volunteer network of servers that hide user information, eluding surveillance by governments and other bad actors.
The Tor project was born in the military sector, sponsored […]
Voice over Internet Protocol (VoIP) is a methodology and group of technologies for the delivery of voice communications and multimedia sessions over Internet Protocol (IP) networks, such as the Internet. VoIP communication has reduced the cost of international calls dramatically, allowing people to dial ISD calls with a cheaper […]