Articles Tagged with Secure the Data

Security in the Cloud Era

Chuck Hollis’ article on New Security Thinking For A New World  mentioned the following very important comment:

“The latest challenge on the security front isn’t necessarily an exotic new threat vector: it’s the attackers themselves.  They’re organized, well-resourced and patient.   And there’s no silver technology bullet to effectively combat them.

This is a very important point, and one that I have seen at other security conferences for the last 5 years or so. However, attacks are possible because there is a lack of confidentiality and integrity of the data held within the systems under attack. So the system becomes the week point.

Read More

TakeDownCon Dallas: Virtualization Security is NOT just about the Virtual Host

If there was any take-a-way from TakeDownCon Dallas related to virtualization, it was that the virtualization host is not the primary attack point but all the ancillary systems that touch it. These systems may not even be considered part of the virtual environment but they certainly can impact the security of the environment. I saw at TakeDownCon Dallas the following attacks:

  • Oracle elevation of privileges from a regular user to a DBA

    Read More