Security
Should we worry more about insiders or outsiders?
I’ve been having a little bit of a debate with a colleague of mine. Walking into an environment with only the most basic security measures in place (patch management, AV, moderately restrictive firewall policies), where should you focus your time? Obviously, the complete picture needs to be dealt with, but would you spend [...]
Jury Duty
I had to perform my civic duty recently, and answer a summons for jury duty at my local courthouse. Not many people are excited by this invitation, and I was no exception. In fact, I had already used up my one automatic postponement, so I knew I wasn’t getting out of it.
First impressions: security at [...]
Should Microsoft quit the AV business?
An illuminating study was performed by AV-Comparatives, comparing various popular antivirus products. I haven’t had the opportunity to test out OneCare, Microsoft’s antivirus offering, but I assumed they had released a product that was at least comparable to other mainstream antivirus options. Apparently, I shouldn’t assume.
According to the comparison, Microsoft scored an abysmal [...]
WordPress Remote Code Execution - Upgrade NOW!
Over the weekend, there was a notice about a security exploit that was inserted into the install files for WordPress 2.1.1. Care to guess what version of WordPress this blog was running? Don’t worry, I wasn’t about to volunteer that information until I actually had the upgrade taken care of. Upgrading WordPress [...]
Family Security Series
The Family Security Series, by Michael Santarcangelo (aka The Security Catalyst) was launched on Friday. In case you missed it, here was the invitation video:
http://www.youtube.com/watch?v=1h5CUUar19U
To view the first episode of the podcast, go here:
Episode 1: Operating System and Application Updates
I’m interested to see the feedback to this series, because I am one [...]
DST Update
Unless you missed the memo, you’re probably already aware that due to the Energy Policy Act of 2005, the Daylight Saving Time change will be occurring 3 weeks earlier this year in the US.
Wikipedia article
If you did miss the memo, you’ve got some catching up to do. Virtually every device and every operating system [...]
Welcome
Welcome to my blog. My name is John Biasi. I am a security professional, and I hope to use this blog to help advance the discussion of Information Security, and to increase security awareness as well. I’m not too sure what form this blog will take at this point, but I will [...]
