Audun Lødemel
Latests Posts by Audun Lødemel
Patch Tuesday Problems – When 30 Days Was In Fact 2
We recently wrote about Microsoft’s March Patch Tuesday. This month, the company’s monthly patch cycle was relatively mild, addressing six issues in total, but only a single critical vulnerability – a flaw that allowed an attacker to execute any code they desired remotely without authentication. According to the security bulletin, … Read More
Changes in Data Protection Privacy Laws May Raise the Stakes on Data Breaches
Technology advances in storage and computing models (e.g. cloud) have made it possible for modern companies to save massive amounts of data about their customers and partners. These increasingly large stores of information can provide insights that improve marketing efforts, help refine product offerings or even enable completely new service/product … Read More
Patch Tuesday Targets Critical Windows Bug
Yesterday it was time for Microsoft’s monthly ritual, Patch Tuesday, when Microsoft released a regularly scheduled batch of security fixes. This month’s list of fixes is unusually mild –six bulletins that fix six vulnerabilities and Microsoft only classifies one as critical. Although March’s Patch Tuesday is light, the addition of … Read More
Winning the Battle Against Advanced Persistent Threats
Advanced persistent threats (APTs), non-traditional attacks designed to remain undetected for long periods, have been making headlines for the last couple of years due to high profile attacks against companies like RSA, Google, Sony and even nations. Despite the frequent discussion, there is still some disagreement on the precise definition … Read More
Information is Power
You may have heard the saying, “Information is power.” This is especially true when it comes to securing your network. When your network is breached, the attacker has information about your network that you do not. The attacker is aware of some vulnerability or flaw that allows them to gain … Read More
SCADA Environments Lack Sufficient Information Security
The technicians at a local chemical manufacturing plant have discovered that a virus has disabled their temperature monitoring controls. Although they are unsure of when the virus compromised the systems, they do know several vats are overheating. Alarms are signaling that an immediate evacuation is required. The warning isn’t limited … Read More
How To Manage Security Threats Related To Employee Behavior
Humans, sometimes referred to as wetware by security insiders, are a major source of enterprise security vulnerabilities. Cyber criminals regularly target employees and temporary workers with malware and social engineering attacks to breach security defenses and gain access to private information. You might assume that as technology savvy twenty-somethings fill … Read More
How To Minimize The Risk Of Indirect Attacks
Life isn’t fair and neither is security. You follow best practices. You have well defined policies for data protection. All of your endpoints are secure. You can go ahead and take those extra vacation days you rolled over last year, right? Not a chance. Even if you have done everything … Read More
Is You Data Security Disappearing Into the Clouds?
Personal cloud services are popping up like spring weeds. Services like DropBox, Box.net, iCloud, Amazon Cloud Drive and soon Windows 8 (via SkyDrive) entice users with promises of free storage and accessibility from everywhere on every device, and utilization of these services is continuing to expand. According to Forrester, personal … Read More
Data Deleted, but Not Forgotten
Storage devices keep getting larger. Business computers with hard disks of 500 gigabytes or even one terabyte (1,000 gigabytes) are now common. Companies use these devices for years, each day amassing huge stores of private details from email to corporate processes and customer information. Organizations often expend significant time, money … Read More
Norman Blog Archive
- May 2012 (10)
- April 2012 (17)
- March 2012 (16)
- February 2012 (20)
- January 2012 (19)