admini – Page 201 – CyberSecurity Institute

Study: MS SQL Server Is Safest DB

Posted on November 16, 2006December 30, 2021 by admini

But Ted Julian, vice president of marketing for AppSec, which sells vulnerability scanning tools for databases, says the lopsided vulnerability count may be more a function of where the more valuable corporate data typically lies — in the Oracle database. “I see plenty of companies that have confidential data in SQL Server, Oracle, DB2 and Sybase. It is certainly not as if it all sits on Oracle,” he says.

But either way you slice it, hacking a database is like striking gold, whether it’s via a Web app or database bug — or both. “If you can break into a Web application, you can get access to the database using the same application,” Friedrichs says.

And you can’t count on that firewalled DMZ to protect your database anymore: Databases are most at risk to an insider threat, ESG’s Ogren says, and these attacks don’t typically use vulnerabilities at all.

http://www.darkreading.com/document.asp?doc_id=110881&WT.svl=news2_3

More Security Wares Lined up For Vista

Posted on November 14, 2006December 30, 2021 by admini

For reasons of clarity, not to mention legal coverage, ESET defines its newest area of coverage as “unwanted applications.”

ESET isn’t the first vendor to jump on board the Vista security bandwagon, despite repeated assurances from Microsoft of its safety and security. GRISOFT, developer of the free AVG security software, has announced its AVG Anti-Virus 7.5 software is available on the Microsoft Windows Security Center for Windows Vista.

http://www.internetnews.com/security/article.php/3643666

Microsoft Publishes Windows Vista Security Guide

Posted on November 11, 2006December 30, 2021 by admini

http://www.securityfocus.com/brief/354?ref=rss

The guide can be found at: http://www.microsoft.com/technet/windowsvista/security/guide.mspx

U.K. outlaws denial-of-service attacks

Posted on November 10, 2006December 30, 2021 by admini

Among the provisions of the Police and Justice Bill 2006, which gained Royal Assent on Wednesday, is a clause that makes it an offense to impair the operation of any computer system.

http://sympatico-msn-ca.com.com/UK+outlaws+denial-of-service+attacks/2100-7348_3-6134472.html?part=sympatico-msn-ca&tag=feed_2570&subj=ns_6134472

Russia Moves for Tougher IP Protections

Posted on November 10, 2006December 30, 2021 by admini

The office of the United States Trade Representative (USTR) has frequently criticized Russia for not effectively protecting or enforcing intellectual property rights (IPR).

“We have an agreement in principle and are finalizing the details,” U.S. Trade Representative Susan Schwab said in a statement.

The agreement calls for Russia to take specific actions and to enact laws by specific dates to combat Internet piracy and optical disk piracy. Under the terms of the agreement, Russia will permit a one-time notification for multiple products and set specific ground rules for granting licenses for products that require an import license.

The bilateral deal is critical to Russia’s admission to the World Trade Organization (WTO).

According to the USTR, the Bush administration has consulted closely with Congress, particularly with members and staff of the House Ways and Means Committee, the Senate Finance Committee and the House and Senate Agriculture Committees and the IPR Caucus.

http://www.internetnews.com/bus-news/article.php/3643351

NIST publishes: Information Security Handbook: A Guide for Managers

Posted on November 10, 2006December 30, 2021 by admini

This Information Security Handbook provides a broad overview of information security program elements to assist managers in understanding how to establish and implement an information security program.

http://csrc.nist.gov/publications/nistpubs/800-100/sp800-100.pdf