Return to the The Data Chain website homepage

Blog

Archive for January 2013

IT is changing – tech support needs to keep up

23 Jan 2013

Jon Hunt, Business Development Director at Point to Point writes: On a daily basis, new technologies are emerging amidst a nexus of converging forces – social, mobile and cloud.  Although these forces are innovative and disruptive on their own, together they are revolutionising business and society, disrupting old business models and changing how we behave as consumers.  Everyone from the CEO to the receptionist has a smartphone, laptop or tablet these days.  And unlike a few years ago, you no longer need a PHD in electronic engineering to set up your new device.

Read blog post

What’s your point?

21 Jan 2013

Richard Walters, CTO of SaaSID asks whether “enduser protection” is a contradiction in terms if you’re actually securing the device.

Read blog post

We are family...all the sysadmins, network engineers, and me!

11 Jan 2013

Denny LeCompte, SolarWinds writes: In case you missed it, SolarWinds spilled the beans when we exposed the AmericanUK, and Australian system administrators in November. We revealed the SysAdmins’ likes and dislikes at work and at play, their favorite entertainment, and their choice beverages, among other things. What we didn’t tell you is that we conducted the same survey with a bunch of network engineers… (we are working towards an advanced degree in IT anthropology).

Read blog post

THE Ruby on Rails Vulnerabilities of 2013 - What they are and what should we do?

10 Jan 2013

Adam O’Donnell from security specialist, Sourcefire, writes: A little under 24 hours ago two major, long-standing vulnerabilities were announced in the popular web programming framework Ruby on Rails. This blog post will talk about what is currently known about these vulnerabilities, what could happen based on previous experiences with these types of vulnerabilities, and what organizations and consumers need to know in order to stay aware and stay protected.

Read blog post

Planes, Trains, Automobiles and… Spear Phishing?

09 Jan 2013

Steve Maslowsky, PhishMe writes: Does your organization have employees that travel frequently? If so, they are probably being targeted by phishers.

Read blog post

Serialization Mischief in Serialization Mischief in Ruby Land (CVE-2013-0156)Ruby Land (CVE-2013-0156)

09 Jan 2013

HD Moore writes: This afternoon a particularly scary advisory was posted to the Ruby on Rails (RoR) security discussion list. The summary is that the XML processor in RoR can be tricked into decoding the request as a YAML document or as a Ruby Symbol, both of which can expose the application to remote code execution or SQL injection. A gentleman by the name of Felix Wilhelm went into detail on how the vulnerability works, but stopped short of providing a working proof of concept. These kinds of bugs are close to my heart, as Metasploit itself is written in Ruby, and we use Ruby on Rails within the Metasploit Community, Express, and Pro user interfaces.

Read blog post

We’re up to the DCIM challenge (Show Me!)

08 Jan 2013

Mark Harris writes: The amount of interest in DCIM has never been higher. Over the last few quarters the flood-gates have begun to open and there are now FUNDED initiatives everywhere we look. Prospective buyers are no longer sitting on the sidelines and waiting for DCIM ‘to mature’. DCIM is no longer ‘coming soon’, it is HERE NOW and available to the masses (and many are in the process of buying now).

Read blog post
securenvoyskyscraper

Mailing list




Copyright 2010-14 The Data Chain Website design and management by CBJ Digital Ltd.