SEARCH RESULTS
 
Showing 1-10 of 37 records
 

Fuzz Testing at Microsoft and the Triage Process

2007-09-20 18:52:00 by sdl in The Security Development Lifecycle
 
...failures that may have security implications. As Michael Howard has pointed out before, we do our best to ensure that the SDL incorporates lessons learned from vulnerabilities that required us to release security updates. It turns out that the animated cursor bug patched in MS07-017 had a positive impact on the automatic triaging our fuzz...
 
 
 
 
 

Firewalls On Your Windows Servers

2008-07-06 08:37:16 by Editor in Cheap Hack
 
...failures, but that's a good thing because it forces you to think about what's open and closed on your server and make a decision about it. An entry on the SQL Server Security Blog discusses these changes and how you can approach them to make your Windows Server 2008-hosted SQL Servers secure. First you have to locate your servers; it's a good...
 
 
 
 
 

UBS Explains Risk Management Gone Wrong

2008-04-23 16:49:32 by Chris McClean in Security & Risk Management
 
...failures, an overly aggressive focus on short-term growth, and excessive risk taking are among the high level issues addressed. Also in the report, however, are scores of more detailed explanations of control failures in more than 20 different categories. Specific problems on the list include: Gaps in risk management expertise; Failure to...
 
 
 
 
 

Did the Chinese PLA Attack the U.S. Power Grid?

2008-06-02 06:37:31 by schneier in Schneier on Security
 
...failures that allowed a small problem to cascade into an enormous failure. The Blaster worm affected more than a million computers running Windows during the days after Aug. 11. The computers controlling power generation and delivery were insulated from the Internet, and they were unaffected by Blaster. But critical to the blackout were a...
 
 
 
 
 

Risk Management Lessons from the Mortgage Meltdown

2007-12-14 16:54:17 by Chris McClean in Security & Risk Management
 
...failures will get legislators' attention. It's still early to tell how far fallout from the sub-prime crisis will reach, but the number of consumers affected has already convinced lawmakers to get involved. We've seen other industry-wide risk management failures heading toward this level of attention with pharmaceutical, food, and toy...
 
 
 
 
 

More Log Management Questions - Answered!

2008-05-23 16:04:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...failures are being caused by infrastructure issues A2: Wow, fantastic! The answer to this is "Yes, if you have the right logs collected." In most cases, to get to the bottom of such issues requires having BOTH application (e.g. PeopleSoft or Oracle) and infrastructure logs (e.g. Windows or Solaris Q3: What the typical retention schedule for...
 
 
 
 
 

Interop Las Vegas 2008 - Some Interesting Stats

2008-06-11 14:44:02 by Louis DiMeglio in ScienceLogic
 
...failures, but each of them was handled properly by the redundancy in the network and the show exhibitors and attendees saw no impact from these failures. This is a real testament to the design and build of the network. It's hard enough to build a complicated network in two weeks, but then to keep it up and running 100% of the time in the...
 
 
 
 
 

The Pwnie Awards

2007-09-10 04:21:00 by Eric Marvets in The Security Samurai
 
...failures of security researchers and the wider security community. They give awards in the following categories: Best Server-Side Bug, Best Client-Side Bug, Mass 0wnage, Most Innovative Research, Lamest Vendor Response, Most Overhyped Bug, Best Song
 
 
 
 
 

Review of My 2007 Security Predictions: Too Wimpy

2007-12-23 15:46:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...failures (wonna bet which legacy SIEM vendor will die first? :-)) There are way too many companies who sell some random and often irrelevant "protection" which sometimes doesn't even work ... at their own demo ... when their CTO demos it ... the third time Status Check III: This is kinda true (here, here, here), but not to the extent I...
 
 
 
 
 

FBI Wiretaps Canceled for Non-Payment