Performance tests try to reduce the risks of downtime or outages on multi-user systems by conducting experiments that use load to reveal limitations and errors in the system. Testing usually involves assessing the performance and capacity of systems th…
“The Feds Have Let The Cyber World Burn. Let’s Put the Fires Out.”
I’ve made some comments regarding Apple vs. the FBI at Wired.
I Might Be Afraid Of This Ghost
CVE-2015-7547 is not actually the first bug found in glibc’s DNS implementation. A few people have privately asked me how this particular flaw compares to last year’s issue, dubbed “Ghost” by its finders at Qualys. Well, here’s a list of what that flaw could not exploit: apache, cups, dovecot, gnupg, isc-dhcp, lighttpd, mariadb/mysql, nfs-utils, nginx, nodejs, openldap, openssh, […]
A Skeleton Key of Unknown Strength
TL;DR: The glibc DNS bug (CVE-2015-7547) is unusually bad. Even Shellshock and Heartbleed tended to affect things we knew were on the network and knew we had to defend. This affects a universally used library (glibc) at a universally used protocol (DNS). Generic tools that we didn’t even know had network surface (sudo) are thus […]
Next Generation IDaaS: Moving From Tactical to Strategic
Today, I posted a blog entry to the Oracle Identity Management blog titled Next Generation IDaaS: Moving From Tactical to Strategic.
In the post, I examine the evolution of IDaaS and look toward the next generation of Enterprise Identity and Access Ma…
Redirecting On the Edge
On the web, every second counts. Service engineers and operations teams are looking for ways to save milliseconds from web pages’ load times. One of the simpler ways to squeeze better performance from web pages already using a Content Delivery Network …
Will you pay 300$ and allow scamsters remote control to your computer ! child play for this BPO
Microsoft
customers in Arizona were scammed by a BPO setup by fraudsters who’s executives
represented themselves as Microsoft employees and managed to convince them that
for a 300$ charge they would enhance the performance of their desktop
computers.&…
Three Must Do’s to make a Security Awareness Champion
Setting an
example is the best way to institutionalize security awareness within a
workplace or at home. Colleagues and children naturally follow examples set by
champions as it makes it easy to mimic rather than spend time to self-learn. I
found thre…
Swatting airports helpdesks diverts the attention of anti-terror forces on the Indian Republic Day
26th January,
the Indian Republic Day, was targeted by ISIS operatives to stage multiple
terror strikes designed to cause terror and panic in major Indian cities. The
Indian intelligence and police agencies over the last few weeks successfully
nabbed …