Who monitors your every move? NSA or Facebook or Shutterstock?

Monitoring, eveasdropping, spying, surveillance – these are terms that even the layman today associates with NSA – thanks to the recent spate of exposes about who and what the NSA has been monitoring. One assumes that when European heads of state have not been spared, others are just too easy. While the NSA may not have any real interest in what I do, other conglomerate websites like Facebook and Shutterstock have a very real interest in how I behave with their websites – since it might mean more money for them.
Continue reading “Who monitors your every move? NSA or Facebook or Shutterstock?”

Free guide: 5 Best practices for BYOD

Trend Micro Incorporated has issued a free how-to guide that covers 5 Best Practices for BYOD and includes a checklist for developing flexible, yet secure BYOD policy.


iPhones, iPads, Android-powered devices, and Windows phones have grown into powerful computing platforms, and their use allows enterprise employees to connect to work as never before. These devices offer greater flexibility and adaptability — whether it’s for business or private use. But these devices also put proprietary company information at risk. Ideally, consumer devices can extend and supplement desktop and laptop machines, allowing employees to remain connected to the organization without being chained to a physical office. Incorporating consumer technology into a corporate IT system requires planning, policy, protection, and control.


You can request your copy at http://net-security.tradepub.com/free/w_aaaa2710/?p=w_aaaa2710

Why ‘Administrator’ privileges should not be given to end users?

One of the IT security best practices in desktop usage is to run a computer on the least privilege required. This means, an end user should log into his PC / laptop as a standard user and not as an ‘administrator’. This is applicable to both, home and enterprise environment. The advantages of such least privilege computing are listed below. Continue reading “Why ‘Administrator’ privileges should not be given to end users?”

Security firm releases tool to audit SAP’s HANA

A new tool from security vendor Onapsis aims to secure SAP’s in-memory database HANA, the German company’s fastest-growing data processing product.


Onapsis, a Boston-based company that specializes in SAP security, will incorporate the tool into its X1 suite, which scans for vulnerabilities and configuration problems in SAP deployments.


HANA is a cornerstone of SAP’s strategy to compete with Oracle and IBM. Available as a cloud service and an appliance, it’s designed to process analytical and transaction workloads much faster for SAP’s ERP, CRM, supply chain and business intelligence applications.


Read More at Network World

Backdoor found in D-Link router firmware code

A backdoor found in firmware used in several D-Link routers could allow an attacker to change a device’s settings, a serious security problem that could be used for surveillance.


Craig Heffner, a vulnerability researcher with Tactical Network Solutions who specializes in wireless and embedded systems, found the vulnerability.


Read the full article at Network World

Google Malaysia Site Hijacked

The Google domain for Malaysia was hijacked on October 10th, redirecting visitors to a page that said a group called Madleets from Pakistan had performed the attack.


MYNIC, the company that administers the country TLD for Malaysia, confirmed the attack in a statement issued Friday morning, saying that its internal incident response team had resolved the problem within a short time of learning of the attack.


Read the full article at Threat Post