Norman Safeground Blogs

insight, opinion & information


Tag Archives: enterprise security

April 2012 Patch Tuesday Addresses Critical Issues in Popular Microsoft Products

Right on schedule, Microsoft has released its monthly batch of security updates. The April update includes six bulletins, four of which Microsoft categorizes as critical. Microsoft rates the remaining two bulletins as important. In total, the six bulletins resolve eleven vulnerabilities in Windows, Internet Explorer, .Net Framework, Office, SQL Server … Read More

Patch Tuesday Problems – When 30 Days Was In Fact 2

We recently wrote about Microsoft’s March Patch Tuesday. This month, the company’s monthly patch cycle was relatively mild, addressing six issues in total, but only a single critical vulnerability – a flaw that allowed an attacker to execute any code they desired remotely without authentication. According to the security bulletin, … Read More

Changes in Data Protection Privacy Laws May Raise the Stakes on Data Breaches

Technology advances in storage and computing models (e.g. cloud) have made it possible for modern companies to save massive amounts of data about their customers and partners. These increasingly large stores of information can provide insights that improve marketing efforts, help refine product offerings or even enable completely new service/product … Read More

Patch Tuesday Targets Critical Windows Bug

Yesterday it was time for Microsoft’s monthly ritual, Patch Tuesday, when Microsoft released  a regularly scheduled batch of security fixes. This month’s list of fixes is unusually mild –six bulletins that fix six vulnerabilities and Microsoft only classifies one as critical. Although March’s Patch Tuesday is light, the addition of … Read More

Winning the Battle Against Advanced Persistent Threats

Advanced persistent  threats (APTs), non-traditional attacks designed to remain undetected for long periods, have been making headlines for the last couple of years due to high profile attacks against companies like RSA, Google, Sony and even nations. Despite the frequent discussion, there is still some disagreement on the precise definition … Read More

Information is Power

You may have heard the saying, “Information is power.” This is especially true when it comes to securing your network. When your network is breached, the attacker has information about your network that you do not. The attacker is aware of some vulnerability or flaw that allows them to gain … Read More

SCADA Environments Lack Sufficient Information Security

The technicians at a local chemical manufacturing plant have discovered that a virus has disabled their temperature monitoring controls. Although they are unsure of when the virus compromised the systems, they do know several vats are overheating. Alarms are signaling that an immediate evacuation is required. The warning isn’t limited … Read More

How To Manage Security Threats Related To Employee Behavior

Humans, sometimes referred to as wetware by security insiders, are a major source of enterprise security vulnerabilities. Cyber criminals regularly target employees and temporary workers with malware and social engineering attacks to breach security defenses and gain access to private information. You might assume that as technology savvy twenty-somethings fill … Read More

How To Minimize The Risk Of Indirect Attacks

Life isn’t fair and neither is security. You follow best practices. You have well defined policies for data protection. All of your endpoints are secure. You can go ahead and take those extra vacation days you rolled over last year, right? Not a chance. Even if you have done everything … Read More

Is You Data Security Disappearing Into the Clouds?

Personal cloud services are popping up like spring weeds. Services like DropBox,, iCloud, Amazon Cloud Drive and soon Windows 8 (via SkyDrive) entice users with promises of free storage and accessibility from everywhere on every device, and utilization of these services is continuing to expand. According to Forrester, personal … Read More

Norman's Bloggers

Norman Safeground Blogs Archive