Recently I had the opportunity to participate in a GFI case study for the popular GFI FaxMaker software. Last Tuesday, March 10th, 2015, a video production company visited me in my home office to record the case study. They carried with them a ton of lighting and state-of-the-art video gear.
For those of you unfamiliar with the term “case study”, here is the best way to explain it. A case study is an examination of how a customer uses a product, and how the product benefits their business and/or improves their business processes.
Turn back the clock to late last year. At the height of the holiday season, between November 27 and December 15, hackers certainly gave new meaning to the term “hit the bull’s-eye!”
Cybercriminals toyed with retail giant Target, known for the circular red and white logo that symbolizes its name. Information from 40 million guest debit and credit card accounts was stolen – or so it was thought. The initial estimate, already among the largest in U.S. corporate history, turned out to be a fraction of the total. Today, it ranges from 70 million to 110 million, depending on reports.
The Payment Card Industry Data Security Standard (PCI DSS) compliance is a set of specific security standards developed by the payment brands* to help promote the adoption of consistent data security measures that are needed to protect sensitive payment card information.
Although not all stories in the tech press are directly related to security, they often highlight issues that can be excellent educational material. A recent story in The Register about a researcher who wanted to map the Internet caught my attention.
The researcher had a Herculean task to complete: to scan billions of IP addresses using the few computers he had at his disposal. He obviously needed help but where does one find that level of assistance? The researcher gave this some thought and decided to try and exploit insecure systems connected to the Internet. That surely would help.
GFI EventsManager, the company’s award-winning log management software, now includes the established active network and server monitoring capabilities found in the company’s popular GFI NetworkServerMonitor® solution. This new functionality, combined with GFI EventsManager’s existing log management capabilities, gives IT administrators a holistic view of their infrastructure’s performance.
They say the road to hell is paved with good intentions – any sys admin would relate to this. You have nothing but the best intentions when you install a tool, set up a service, or plug in a device on your network, convinced that these will be of benefit. Yet how often did you find out that instead of helping to manage or improve the infrastructure, the results were disastrous: security holes were opened, making audits a nightmare and creating other major issues for everyone?
Many of the things on this list could still be a good idea under the right circumstances, and with the right controls, but the risk is still very high. To help you avoid the pain and suffering, here are 10 of the most dangerous things to have on your network.
1. Anything with a DHCP service
Be it a wireless router, personal firewall, or a virtual machine instance on a bridged connection, adding anything that runs DHCP onto a production network can cause problems for everyone on that VLAN. Remember DHCP is a broadcast service, and when a client asks for a lease, it will take the first one it hears offered. What’s going to be faster, the device you just connected, or the overworked three-year-old server?
We are often warned about the security risks when using pirated software. While some believe the ‘piracy argument’ is pushed by vendors to scare people into buying software rather than pirating it, this statement is not incorrect.
How do cracks work?
When hackers crack software, they modify the program’s code. Depending on the copy protection mechanics, the modification required can be as simple as changing one byte to something as complex as rewriting chunks of code. Before any of this can be done, a hacker will have to reverse engineer the software and understand how the copy protection mechanism works. This requires skill – more skill than that required to modify the software in order to defeat said copy protection. Why is this important? Someone who is capable of cracking software is probably also able to modify it in any way they see fit. This is where security risks come into play.