John E Dunn
January 31st, 2013
It’s made the Internet a better place. But like all wonderful things, Java needs careful oversight
Java, what’s it good for? If the depressing zero day flaw parade of recent weeks is anything to go by, not a lot.
A quick description of the mess; on 10 January, exploits started circulating for a serious flaw in Java 7 Update 10 (itself a major overhaul, released mid-December), prompting an unusual ‘disable immediately’ warning from the US Department of Homeland Security (DHS) no less.
- August 18th, 2015
During August members of the InfoSec community leave the comfort of their ergonomic desks and head out into the Nevada desert on a spiritual pilgrimage to Las Vegas. This mass movement is no coincidence, the draw is clear with Black Hat, DEF CON, BSides Vegas and the Star Trek Convention all occurring within a week. If you have an interest in offensive security, protecting data or ensuring your car cannot be remotely hijacked, Las Vegas is the place to be in August.
- August 6th, 2015
Windows 10′s security overhaul offers a lot but beware its complexities and limitations
With the arrival of Windows 10 in late July, businesses must once again pose many of the same questions that presented themselves at the time of the launch of Windows 8 in 2012, Windows 7 in 2009 and, for those with long enough memories, Windows XP in 2001.
- November 19th, 2013
Edward Snowden’s data leakage at the NSA has certainly caused a ripple effect across the entire IT landscape, forcing organizations across all industries to take a closer look at their current security defenses. At the McAfee FOCUS conference in October this year, we conducted a survey to examine just how closely security professionals were rethinking their approaches to security as a result of the NSA incident. And just as important – if not more – was determining how many of those professionals were actually converting these attitudes to action.
- September 25th, 2013
User Account Control was a great idea but it has taken privilege management to fulfill its potential
How did computer security get into such a troubled and confused state? It’s a question security professionals must ask themselves on a daily basis as they face demands that threaten to explode budgets while offering no guarantee that any of the expensively-assembled defenses will actually work.
The roots of the malaise goes back to the early years of the millennium when enterprises and consumers using Windows 2000 and Windows XP were suddenly ambushed by waves of clever software attacks that warned the world that criminals had floored an evolutionary accelerator pedal. By the time XP and Windows received its first major security upgrade in the form of Service Pack 2 in 2004, it was becoming clear that security had entered an unsettling era that might take decades to play out.
- August 12th, 2013
Administrators, privileged network deities or just a type of ordinary network user much the same as anyone else? Years into an age where IT security has become a mainstream topic, this remains the sort of polarizing question that can provoke one of two reactions; shock or relief.