A New Year with No Patch Management Hangover
This blog post was written by Teresa Wingfield. The frequency of database and application vulnerabilities is increasing. Testing and deploying vendor-issued patches is an ongoing, arduous process that leaves a window of vulnerability open until IT staff can take business-critical databases and applications offline and deploy ...
Securing Those ‘Hackable Holiday Gifts’
“This Christmas I want a drone from Santa,” declared my 10-year-old nephew, giving me a meaningful look. His sister chipped in, “And I want a smart watch.” My sister meanwhile picked up her head from her Kindle and groaned, “I want an automated home this Christmas!” Hmmm, OK! I ...
‘SSL Death Alert’ (CVE-2016-8610) Can Cause Denial of Service to OpenSSL Servers
Recently we noticed a security patch has been published for the OpenSSL vulnerability called SSL Death Alert. As with other serious security vulnerabilities, this one grabbed our attention because the discoverer of the vulnerability says that it may cause a denial of service to an OpenSSL web server. To better ...