Tags » Data Leakage

The Apache "Optionsbleed" security hole explained [VIDEO]

Yesterday, we wrote about a new Heartbleed-like vulnerability in the Apache web server.

The new security hole can be triggered by a special sort of web request called OPTIONS, and it can leak, or “bleed”, data that isn’t supposed to be revealed… 172 more words

Vulnerability

ThinAir CEO Tony Gauda on Insider Threats (Podcast)

In Preston’s absence, I spoke with ThinAir CEO Tony Gauda about insider threats. Insider threats cost companies billions of dollars, thousands of lost labor hours, and loss of credibility with customers. 250 more words

Ken Hess

Apache "Optionsbleed" vulnerability – what you need to know

Remember Heartbleed?

That was a weird sort of bug, based on a feature in OpenSSL called “heartbeat”, whereby a visitor to your server can send it a short message, such as… 1,638 more words

Featured

Cyber and Data Insurance

Your cover in a nutshell:

Cyber and data insurance is designed to support and protect you from evolving e-risks. It provides comprehensive cover for your computer systems and data, whether electronic or non-electronic. 898 more words

Security

Low Profile Office 365 Breach Reported

A couple years ago I wrote:

“I am told by many in my industry (and some vendors) that ‘if we put it in the cloud it will work better, cheaper, be safer, and always be available.’ Under most general financial services use cases (as opposed to niche functionality) that statement seems without foundation.” 690 more words

Risk Management

.why .it's .time .to .fix .localhost

We were recently asked to comment on a suggested new internet standard proposed in a document with the intriguing title Let ‘localhost’ be localhost. 806 more words

Featured

Workforce Mobility = More Shoulder Surfing Risk

An individual recently alerted me to an instance of sensitive information being displayed on an application screen in the context of limited or non-existent business value. 1,128 more words

Information Security