Category: Best Practices

What Every Database Administrator Should Know About Security

[The following is excerpted from "What Every Database Administrator Should Know About Security," a new report posted this week on Dark Reading's Database Security Tech Center.] To say that there is friction between security professionals and database administrators (DBAs) is putting it mildly. Database administrators are both the caretakers of database platforms and the managers of data. Very seldom are they also security experts. In many enterprises, the DBA and the security team find themselves at odds because the DBA is…

Click for complete article >>

De-FUD-ing Privileged User Management

I am proud to write this column for Dark Reading. The biggest reason is I get to share two decades of stuff I’ve seen with databases and security with you, and it starts really good conversations every time I attend security conferences and meet readers face-to-face. I can share perspective, help clarify issues around database threats, and explain the pros and cons of database security products. On occasion, I even get to call BS on things I believe only confuse DBAs and…

Click for complete article >>

Latest DBMS Security Patch Levels – Updated

TeamSHATTER keeps you up to date with the latest DBMS Security Patch levels to ensure you are protected with the latest security fixes. Last updated 3/21/2013.

Oracle
Edition | Latest Patch | Release Date | Comments
Database 11g R2, Database 11g R1, Database 10g R2 | Critical Patch Update January 2013 | January 15th 2013 |
Database 10gR1 | Critical Patch Update January 2012 | January 17th 2012 | Out of support. This was the final patch for 10gR1.
Database 9i | Critical Patch Update July 2010…

Click for complete article >>

IEEE Suffers Data Breach, Usernames And Passwords Of 100,000 Members Exposed

Posted September 26, 2012 by TeamSHATTER Admin in Best Practices, Data Breach, Database Security with 0 comments

According to news reports, the usernames and passwords of 100,000 members of the Institute of Electrical and Electronics Engineers (IEEE) have been found unencrypted on an FTP server by a Romanian researcher, Radu Dragusin. As many IEEE members are security professionals, with some known to work for leading companies such as Apple, Google, IBM, Oracle, Samsung and NASA, this breach demonstrates a considerable failure in server-level security.

Click for complete article >>

Worrisome Data Breach Trends Force Organizations To Examine IT Security Infrastructure


In the war over government data security, the statistics indicate the bad guys are winning. And some security experts say any hope of reversing that trend will take “a whole new paradigm” in IT security. The U.S. Government Accountability Office (GAO) reported last week that federal data breaches involving unauthorized disclosures of personally identifiable information increased by 19% from 2010 to 2011, from about 13,000 to 15,500. At least some of the time, victims of those breaches are being left…

Click for complete article >>

Top Four Mistakes Organizations Make When Breached

Posted June 20, 2012 by Tim Whitman in Best Practices, Data Breach, Database Security with 0 comments

In just the last three weeks, we’ve been provided several salient reminders that data loss and theft are fast becoming a cost of doing business in the digital age. First, there was The Washington Post’s report on Shodan, a search engine that boasts of its ability to “expose online devices” including webcams, routers, power plants, iPhones, wind turbines, refrigerators, and VOIP phones. According to the story, even “moderately talented hackers” using the Shodan platform have been able to access supposedly…

Click for complete article >>

When You Do Not Know Where Your Data Is…

Posted May 15, 2012 by Tim Whitman in Best Practices, Data Breach, Database Security, PCI, Tips and Tricks with 0 comments

In its fifth year of publication, the Data Breach Investigation Report (DBIR) by Verizon spans 855 data breaches across 174 million stolen records. Mark Goudie, Managing Principal, Asia-Pacific – Investigative Response, Verizon Business, talked to Jasmine Desai about the latest security threats and solutions for the same.

Click for complete article >>

Hey Facebook: Forget The Winklevoss Twins – Data Security Adversaries Are On The Way


As you folks over at Facebook prepare to make your initial public offering, before you switch gears to planning your IPO parties and stock-option fueled vacations, take a moment to consider data security. After all, Facebook is nothing without data – volumes and volumes of it. And all that data needs to remain available, accessible, private (sometimes), and authentic, 24 hours a day, from now until…forever. Over the last few years, millions of people have entrusted Facebook with everything from…

Click for complete article >>

Threatpost NOW! Video: Security Issues Critical To The End User


In this video, Dennis Fisher, editor-in-chief of Threatpost, speaks with Josh Shaul of Application Security, Inc. and Jack Daniel of Tenable Network Security. This candid discussion revolves around end-user security, where breaches occur and how organizations can fix these problems without causing havoc to their enterprise networks. Click here to watch the video >>

Click for complete article >>

Not If…When: Data (In)Security Will Impact The 2012 Presidential Election Race
Team Shatter Exclusive


It’s election time, and with the Republican field narrowed down to Mitt Romney as the likely nominee, we have ourselves a Presidential race to watch. When it comes to politics I’m probably at my most cynical, so it’s not what candidates are saying about the issues that catches my attention. It’s the side shows – that’s where all the fun stuff happens – the negative ads, the personal scandals, the fears of voting failures and miscounts, the “facts” invented at…

Click for complete article >>