Blog Posts Tagged with "Databases"

3e35900ae6facc6c146a85c435c71d82

Two New SQL Security Books from Syngress

November 29, 2012 Added by:Ben Rothke

Since SQL is so ubiquitous on corporate networks, with sites often running hundreds of SQL servers; SQL is prone to attacks. SQL injection is a technique often used to attack databases through a website and is often done by including portions of SQL statements in a web form entry field...

Comments  (0)

F29746c6cb299c1755e4087e6126a816

The Data Compromise Evolutionary Clock Is Ticking

August 22, 2012 Added by:Kelly Colgan

The digitization of medical records may make folks queasy, but it is also efficient, offering an opportunity to save both money and lives. It is in fact inevitable. Unfortunately, so are data breaches and the identity compromises that follow. We need to be deadly serious because lives are at literally at stake...

Comments  (0)

B451da363bb08b9a81ceadbadb5133ef

Oracle Security Alert Analysis

August 19, 2012 Added by:Alexander Rothacker

So, what is this new vulnerability all about? It’s a privilege escalation vulnerability that gives an attacker SYSDBA privileges. In order to perform the exploit, one needs to have CREATE TABLE and CREATE PROCEDURE privileges as well as EXECUTE privileges on DBMS_STATS package...

Comments  (0)

7ddc1f3000a13e4dfec28074e9e7b658

FBI’s Facial Recognition is Coming to a State Near You

August 07, 2012 Added by:Electronic Frontier Foundation

The FBI wants to be able to search and identify people in photos of crowds and in pictures posted on social media sites—even if the people in those photos haven’t been arrested for or even suspected of a crime. The FBI may also want to incorporate those crowd or social media photos into its face recognition database...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Ticking Time-Bombs: Production Data in Non-Production Systems

August 03, 2012 Added by:Rafal Los

While it's not really OK to have a vulnerable application sitting out on the 'net, at least if it's in "stage" mode it shouldn't have real data... right? Unfortunately this wasn't the case in many of the incidents I experienced. It's time to remind ourselves that anything that is accessible should be well protected...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Data: The Final Frontier of the Collapsing Perimeter

July 16, 2012 Added by:Rafal Los

If we as IT professionals and architects acknowledge that the perimeter is now around the data, what solutions do we have for protecting it? How can we protect data which is mobile, usable, and in a constant state of danger? The answer seems to be some form of protection that involves our old friend, encryption...

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

Big Data Analytics: On Structured and Unstructured

July 08, 2012 Added by:Ben Kepes

Analysis of unstructured data is the hot topic these days – organizations are lured by the promise of deriving huge incremental value by gaining insights from crunching vast pools of seemingly random numbers to determine patterns and trends. It’s not a huge surprise that structured data analytics gets forgotten...

Comments  (0)

F2792196079f2c16cd02be6e9ff5b3da

Why Open Source is Not Always the Best Bet

July 02, 2012 Added by:DHANANJAY ROKDE

Although open source software appears fantastic at the outset, they often come with an indirect price to pay, and it takes a lot of time for the organization to realize this. If your organization is hit by the ‘using open source to reduce costs’ wave, here are a few points you to look at before taking the leap...

Comments  (1)

68b48711426f3b082ab24e5746a66b36

Ensuring Data Integrity via Checks, Tests, and Best Practices

June 04, 2012 Added by:Fergal Glynn

As a process, data integrity verifies that data has remained unaltered in transit. As a state or condition, it is a measure of the validity and fidelity of a data object. As a function related to security, means information is exactly as it was inputted and is auditable to affirm its reliability...

Comments  (0)

E595c1d49bf4a26f8e14ce59812af80e

Making Mobile Health Security Possible

May 20, 2012 Added by:Patrick Oliver Graf

It’s no secret that healthcare is going mobile. If hackers or disloyal employees scan or manipulate health data that is sent via mobile applications, the consequences can range from embarrassment to death. Ensuring these connections are secure is absolutely critical...

Comments  (0)

7ddc1f3000a13e4dfec28074e9e7b658

Growing Mistrust of India’s Biometric ID Scheme

May 14, 2012 Added by:Electronic Frontier Foundation

In India, a massive effort is underway to collect biometric identity information for each of the country’s 1.2 billion people. The incredible plan has stirred controversy in India and beyond, raising serious concerns about the security of individuals’ personal data...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Federal Charges Filed in Case Involving Theft of Trade Secrets

May 14, 2012 Added by:Headlines

The indictment alleges that Janice Kuang Capener took information related to customers and the pricing and sales of products without authorization from secure Orbit databases, and used that information for herself and others to the economic detriment of the company...

Comments  (0)

94c7ac665bbf77879483b04272744424

Where is My Information?!?!

May 10, 2012 Added by:Marc Quibell

Here's the problem - too many people have too much information about you, stored in or on who-knows-what, and who-knows-where. The risks of having your identity stolen and used are astronomical. All it requires is someone on the receiving end putting it all together...

Comments  (0)

65be44ae7088566069cc3bef454174a7

Six Good Reasons to De-Identify Data

May 08, 2012 Added by:Rebecca Herold

Even though it sounds complicated there are many good methods you can use to accomplish de-identification. The great thing is, under many legal constructs de-identification is an acceptable way to use personal information for purposes beyond which the personal data was collected...

Comments  (2)

53692ae1a8e713373b8a487ce89ee3e2

Three Areas to Test when Assessing Mobile Applications

May 02, 2012 Added by:Tom Eston

Mobile Application testing is something that will evolve as mobile apps get more complex and the business drives more towards mobile solutions. If you’re deploying mobile apps for your business it’s more important than ever to have testing done on three areas at a minimum....

Comments  (1)

F2792196079f2c16cd02be6e9ff5b3da

Why Do You Need Privileged Identity Management?

April 30, 2012 Added by:DHANANJAY ROKDE

Most access provided is typically role-based. However, many forget to consider factors like data classification and ownership. Network, system and database managers get access to what they are responsible for, but there are five questions that need to be asked...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »