Brian Prince

9 Database Security Resolutions for 2011 by Brian Prince Database Security Is More than the Database Defending the database extends beyond the database itself. All applications and reporting that are configured to interact with the database need to be part of the security audit to, for example, verify passwords are secure and not hard-coded anywhere. […]

The past week in security featured a round of new security warnings from Microsoft, security research and a feud between neighbors that turned into a miniature cyber-war. Microsoft issued an advisory Dec. 22 for a security vulnerability affecting Internet Explorer 6, 7 and 8. According to Microsoft, the vulnerability exists due to the creation of […]

A configuration error recently exposed corporate data belonging to customers of Microsoft’s cloud-based Business Productivity Online Suite. BPOS is a set of messaging and collaboration tools that includes Microsoft Exchange Online, Microsoft SharePoint Online, Microsoft Office Communications Online and Office Live Meeting. According to the company, the configuration issue exposed information in customers’ Offline Address […]

Microsoft counted 106 security bulletins for 2010 when it released its final Patch Tuesday update for the year. But with 2010 now coming to a close, additional bugs are popping up – this time in an ActiveX control. According to researchers at Secunia, “highly critical” vulnerabilities have been found impacting the Microsoft WMI Administrative Tools […]

Microsoft released an advisory today to address a zero-day vulnerability affecting Internet Explorer. Microsoft decided to release the advisory after exploit code for the unpatched bug went public. The issue, which VUPEN Security warned users about earlier this month, impacts IE 6, 7 and 8 on Windows XP, Vista and Windows 7. According to Microsoft, […]

Microsoft has launched a beta program for its Dryad Project, a set of technologies aimed at answering enterprise needs around large data sets. The company recently unveiled Community Technology Previews (CTPs) of Dryad, DSC and DryadLINQ, technologies meant to support data-intensive applications running on a Windows HPC Server 2008 R2 Service Pack 1 cluster. “These […]

It’s no secret denial-of-service attacks have increasingly become a mode of protest in the cyber-world, as well as a way to silence political critics; but a new report from Harvard University’s Berkman Center for Internet & Society underscores just how much. According to the report (PDF), 280 independent media and human-rights Websites were hit with […]

The founder of the OpenBSD project said he believes a firm was “probably contracted” by the government to write backdoors in the OpenBSD Cryptographic Framework (OCF). The statement was made Dec. 21 by OpenBSD founder Theo de Raadt on the project’s mailing list in response to the ongoing discussion about allegations aired in an e-mail […]

Animosity between neighbors has a Minnesota man facing the possibility of decades behind bars after he pleaded guilty to impersonating his neighbor online, distributing child pornography and threatening the vice president of the United States. Vincent Ardolf of Blaine, Minn., stopped his trial Dec. 17 and confessed to hacking into his neighbor’s wireless Internet connection […]

Privacy, Hacktivists, Insider Threats: Security Predictions for 2011 by Brian Prince More Privacy Regulations In the past few weeks, the Federal Trade Commission, Department of Commerce and consumer privacy groups have talked about the best way to protect user privacy online when regarding tracking by online advertisers. In 2011, this is going to continue to […]