Good-bye AIX, Hello Solaris and Linux

August 17th, 2007

Sometimes it’s not what’s in a press release or in an announcement but rather what’s not. Yesterday, Sun and IBM announced a “tectonic shift in the marketplace” according to Jonathan Schwartz, CEO of Sun. In essence Sun and IBM announced that going forward Solaris is going to run on IBM servers, starting with the “X” series.

It is somewhat interesting that Sun and IBM decided to work closer together; after all, they weren’t exactly good friends in the past. But a closer look at the announcement raises the question of the omission of IBM’s own Unix operating system, AIX. For the curious pundit this leads up to one question:
Full article…

New Anti-Hacker Law in Germany

August 14th, 2007

The Register has this story about a new anti-hacker law in Germany. What’s interesting is that the most serious offenses are punishable by up to 10 years in prison. At the same time, in Germany you can murder a couple of people and be out in 15 years.

Mu Security creates MUSIC certification program

August 13th, 2007

Mu Security, a leader in the security analysis space, today announced a new certification program called MUSIC (Mu Security Industrial Control). If you haven’t heard of Mu Security before, take a look at this Hack Report article. In a nutshell, Mu Security’s appliances automate the security testing and analysis of an IP-based product or application against a whole array of attack scenarios. In other words, anyone who needs to test systems, software or appliances against vulnerabilities on an ongoing basis will benefit from Mu’s appliances. The list of Mu’s customers includes network equipment manufacturers like Motorola, Juniper, Alcatel or F5 and service providers like Sprint.
Full article…

Hack Report Audiocast: Black Hat Cookies, Online Threats and Contactless Payment

August 9th, 2007

In this edition of the Hack Report audiocast, our panel looked at: a Consumer Reports story that U.S. consumers lost more than $7 billion over the two years to viruses, spyware and phishing schemes; the Black Hat conference and its demo of how easily cookies can be captured online and used to fake identification; and the security issues surrounding contactless payment, as MasterCard announced this week a sharp expansion of its PayPass contactless card program.

Panelists this week were: Mark Rasch, former head of the U.S. Justice Department’s high-tech crimes unit; Motorola’s Chris Hinsz, who is the newest member of the PCI Security Standards Council; and Dave Taylor, president of the PCI Security Vendor Alliance, whose day job is with Protegrity.

PCI Compliance in 60 days?

August 8th, 2007

Sounds too good to be true—is probably what some people are thinking. But that’s exactly what encryption vendor Ingrian Networks is offering to customers. With the rapid approach of the next PCI deadline on September 30, 2007, there has been a lot of discussion around compliance: what it really means to be compliant, what actions need to be taken, and how can they be taken in time to meet these deadlines.

I wanted to find out whether it’s realistic to get PCI compliant within 60 days. I had the opportunity to conduct an email interview with Cary Sholer, an independent information security consultant who specializes in large-scale and complex security deployments.
Full article…

Managing Vista’s User Account Control (UAC)

August 7th, 2007

The User Account Control (UAC) feature of Windows Vista has taken more than its fair share of ridicule since its introduction. The UAC prompt can pop up quite frequently, but it serves a purpose and it is possible to configure or alter its behavior without completely disabling it.

By default, all Administrators run in Admin Approval Mode. This means that even Administrator accounts operate with lower privileges most of the time, and they will see the UAC prompt if or when actual Administrator privileges are necessary.

There are settings within Group Policy that allow you to modify the behavior of UAC. The five settings are described briefly below.
Full article…

 