Security Exposed

Norman’s Security Exposed Blog offers information about general security topics. This blog provides insight into security issues in a way that does not require the readers to have extensive technical knowledge. The Security Exposed Blog’s contributors are experts from different parts of Norman’s organization.

Latest Posts in Security Exposed

Understanding Hacker Strategies – Part 2

May 14, 2012 by Darin Andersen - No Comments

Many security teams think that if they have a couple of firewalls, an IPS and antivirus software implemented, they’re home free. The servers get patched, the team is alerted when network traffic behaves badly and viruses are quickly killed. Hackers know, however, there are many ways to probe, some do … Read More

Tags: Antivirus, authentication, Social Engineering, VPN

Those Pesky Passwords

May 11, 2012 by John Callahan - 1 Comment

As I mentioned in a previous post, the long-ago patched Conficker worm is continuing to infect millions of new computers. Researchers have found that nearly every incident, 92 percent, is due to a single practice – poor password security. Unfortunately, the spread of Conficker is far from the only problem … Read More

Tags:

Understanding Hacker Strategies

May 7, 2012 by Darin Andersen - No Comments

I’m always amazed at how easy it can be to obtain company information. SearchSecurity has an excellent series to help us better understand hacker attack techniques and tactics. Serious hackers typically perform extensive reconnaissance prior to hacking into a network. Often, employees will make this work much easier than it … Read More

Tags: endpoint protection, hacking, network protection, patch and remediation

Security Doesn’t Need to be Complicated

May 2, 2012 by John Callahan - 1 Comment

As hard as it is to believe, the three-year old Conficker worm, long patched, is still causing significant security problems in many businesses, according to Microsoft’s recently released bi-annual Security Intelligence Report. Conficker infections have increased 225 percent each quarter since its discovery in late 2008. Researchers report that the … Read More

Tags: Antivirus, Cornflicker, network protection, patch and remediation, worms

Significant SCADA Breaches Are Not Inevitable

April 27, 2012 by Darin Andersen - No Comments

I was struck by one of the surveys that emerged from RSA. When asked about the likelihood of a significant SCADA breach in 2012, 48 percent replied, “yes.” Patrick Miller, the Founder, CEO and President of EnergySec, and principal investigator for NESCO, a DOE- funded partnership focused on enhancing cybersecurity … Read More

Tags: critical infrastructure, RSA, SCADA, security breaches

Unfriending Social Media Security Threats

April 24, 2012 by John Callahan - No Comments

Social media has transcended its origins as a tool for personal networking and social diversion; its use is now pervasive at work as well. While many individuals actively use social media at work, increasingly businesses leverage social media to increase brand awareness, share information and better understand consumer sentiment. The … Read More

Tags:

Using a VPN Doesn’t Mean Your Information Is Safe When You Travel

April 18, 2012 by Darin Andersen - No Comments

In another twist that demonstrates the ingenuity of hackers, iBahn, a broadband service provider to hotels such as Marriott, has suffered cyberattacks that potentially expose millions of emails and other confidential information. A recent article in Bloomberg BusinessWeek provides details. By breaking into iBahn, hackers can use traveling employees as … Read More

Tags: hacking, Privacy, security breaches

April 2012 Patch Tuesday Addresses Critical Issues in Popular Microsoft Products

April 18, 2012 by John Callahan - No Comments

Right on schedule, Microsoft has released its monthly batch of security updates. The April update includes six bulletins, four of which Microsoft categorizes as critical. Microsoft rates the remaining two bulletins as important. In total, the six bulletins resolve eleven vulnerabilities in Windows, Internet Explorer, .Net Framework, Office, SQL Server … Read More

Tags: enterprise security, Patch Tuesday, Vulnerabilities, Vulnerabilities / Exploits

Many Mid-Size European Businesses Face Security Challenges

April 16, 2012 by John Callahan - No Comments

Mid-Sized European Businesses Not Meeting the Challenge of Data Security Many mid-sized businesses may believe that they are too small for attackers to target, but this assumption is far from valid. Any organization that stores information – whether it’s customer records, product data or trade secrets – are at risk … Read More

Tags:

It’s Time to Focus on Prevention versus Disclosure

April 10, 2012 by Darin Andersen - No Comments

The Global Payments security breach has rapidly fallen out of the news and that’s too bad. On last report, Visa had dropped the company as a payment processor and the final tally of accounts that may have been breached topped 1.5 million. But the bigger and ongoing question is, what … Read More

Tags: hacking, Privacy, security strategy

← Older Posts

Security Exposed Bloggers

Norman Blog Archive

2012 (81)
2011 (86)
2010 (47)
2009 (31)
2008 (11)

Subscribe