Blog Posts Tagged with "Privilege Escalation"

0a8cae998f9c51e3b3c0ccbaddf521aa

Separation of Duties for System Administrators

January 09, 2012 Added by:Rafal Los

How do our organizations treat administrators (more specifically highly privileged users) when they are removed from active duty? It seems that in large organizations the issue is easier to at last draw a line around than in smaller orgs - but the problems remain...

Comments  (1)

0a8cae998f9c51e3b3c0ccbaddf521aa

Analyzing the Poneman Study on Privileged Users

December 29, 2011 Added by:Rafal Los

How much access do those employees and system administrators have to your critical intellectual property, company secrets and other secret information? And how often do they take a peek behind the curtain... you know, just for curiosity?

Comments  (0)

69dafe8b58066478aea48f3d0f384820

HTML Tag Can Cause Windows 7 x64 Blue Screen of Death

December 21, 2011 Added by:Headlines

“The vulnerability is caused due to an error in win32k.sys and can be exploited to corrupt memory via a specially crafted web page containing an IFRAME with an overly large height attribute... Successful exploitation may allow execution of arbitrary code with kernel-mode privileges..."

Comments  (0)

12ea1d6ac442fbf368f1da078fd43220

Keeping Privileged Users Under Control in Oracle Database

October 03, 2011 Added by:Esteban Martinez Fayo

SYSDBA privilege has unlimited access to all data and can make any configuration change. With DatabaseVault installed, it is possible to restrict SYSDBA users from accessing certain data but the protection is not complete. There are ways to bypass the defenses and compromise the data...

Comments  (1)

Af9c34417f8e5e0d240850bb353b5d40

Is Too Much Focus Put on the Application Layer?

May 06, 2011 Added by:Keith Mendoza

Information system security is really nothing new, its just that no one has paid attention to it until recently; and the focus seem to mostly be on securing the application. My question is: who will make sure that the attack vector will not come from the hardware layer?

Comments  (4)

7e364bbac217114a59e547b354e7f7ad

Let’s Go with the Web Application Scan... It's Cheaper

April 21, 2011 Added by:Gary McCully

Many times, when choosing a Web Application Assessment, a company will choose the cheapest Assessment available without understanding the Pros and Cons of each Web Application Security Assessment. It is important to realize the fact that the cheapest option is not always the best option...

Comments  (0)

314f19f082e69886c20e31c70fe6dceb

Using Ninja to Monitor And Kill Rogue Privilege Escalation

February 22, 2011 Added by:Rod MacPherson

Once a hacker (if they have malicious intent we'll call them crackers) has found a way onto a system s/he then usually needs to jump to the Administrator or system or root account. Ninja is a program for Linux (and presumably most Unix like OSes) that monitors for such privilege escalation...

Comments  (4)

Page « < 1 - 2 > »