GRAND RAPIDS, MI – Tuesday, May 3, 2017 – Fox Technologies, Inc, a leader in Linux security solutions, today announced the release of BoKS ServerControl 7.1, a privileged access management solution for organizations strategically deploying Enterprise Linux driven by accelerating business investments in Cloud, Big Data and Digital Transformation.
Fox Technologies announces high-tech industry sales veteran, Bryan Short, as new VP of Sales.
GRAND RAPIDS, MI — January 13th, 2016 — Fox Technologies Inc., a portfolio company of Parallax Capital Partners and leader in Linux system access management solutions, announces the appointment of Bryan Short as vice president of sales. Short is a high-tech industry veteran with over 25 years of experience in sales, marketing, and business operations leadership. He will be responsible for strengthening Fox Technologies’ existing customer relationships, driving national sales strategies to generate demand and achieve revenue targets, and expanding reach into global markets.
Secure Shell (SSH) Data Security
The Ponemon Institute and Forrester have both published studies that have raised a lot of attention, and questioned the security of SSH deployments, and both focus on the implementation practices and procedures. The ugly truth is that this vital tool is often little considered in the security plans of many enterprises.
The focus of both of these studies is on SSH key management. This can certainly be a very important topic, especially with a standard/default SSH implementation: if you need to use SSH user-keys for authentication it becomes enabled for all accounts that have access to the system. Continue reading
This was not a breach in any classic sense. What happened here is that a patch was applied to a database, and that patch appears to have removed certain safeguards that would prevent one party from viewing another parties database. And, it appears that when one party discovered that the safeguards were down, they took advantage of the situation and did, in fact, view the other parties data.
Last week the Playstation 4 console was comprehensively pwned yet again (an OpenBSD flaw this time as it turns out), so in the 2015 festive holiday season we thought it would be fun to have a look at Valve’s finally-released Steam Machine Console, and its security model.
Based on open source code, Valve have spent two years in Beta trying to stabilize “Linux in a Game Console”, and provide a simple Turn-On and Go gaming experience. Until early 2015 the cost of a beta Steam Machine had been excessive, dependant on high end NVIDIA and ATI graphics. Then came the SteamOS build that works with Intel vPRO graphics, included on the more recent I3, I5, and I7 processors. Continue reading
IF YOU WANT to keep yourself up at night, spend some time reading about the latest developments in cybersecurity. Airplanes hacked, cars hacked, vulnerabilities in a breathtaking range of sensitive equipment from TSA locks to voting booths to medical devices.
The big picture is even scarier. Former NSA Director Mike McConnell suspects China has hacked “every major corporation” in the US. Edward Snowden’s NSA leaks revealed the US government has its own national and international hacking to account for. And the Ponemon Institute says 110 million Americans saw their identities compromised in 2014. That’s one in two American adults.
The system is broken. It isn’t keeping us, our companies, or our government safe. Worse yet, no one seems to know how to fix it.
Early 20th century legendary baseball pitcher Walter Johnson once said, “You can’t hit what you can’t see.” It’s the same thing in IT security: You can’t stop what you can’t see.
Which is why visibility is so essential to network security. Unfortunately a lot of traffic is opaque to network and security teams, giving fits to the CISO. It isn’t a problem if good security is followed, but in a blog this week Johnnie Konstantas, who heads Gigamon’s security solutions marketing and business development, asks a few pertinent questions to see if infosec pros need to improve visibility.
Along with process and technology, security programs need strategic leadership, skilled performance, and effective asset orchestration.
It’s time to revisit the Schneier Maxim. Since he coined it in 2000, Bruce Schneier’s observation that “security is a process, not a product” has been enormously influential in the security community. The Schneier Maxim articulated for a generation of security professionals, myself included, the fatal flaw in any security strategy that expected technology to solve security problems. If you believed it could, Schneier went on to write in Secrets and Lies, you understood neither the problems nor the technology.
More than 720 data breaches occurred this year, and the top seven cyberattacks alone have left more than 193 million personal records open to fraud and identity theft, according to 10Fold Communcations.
Of the seven, the healthcare industry has the dubious honor of three top spots, with the Anthem breach leading the pack.
“Our research indicates that cybercriminals are increasingly going after targets in the medical and healthcare verticals, which store valuable patient data that can’t be reissued like a credit card,” Angela Griffo, vice president of 10Fold’s security practice, said in a press statement.
As 2015 draws to an end, we can look back on a year that has seen cyber security rapidly ascend the corporate, journalist and consumer agendas.
The cost of the average corporate data breach continued to rise, and with hacks on firms such as Car Phone Warehouse, Talk Talk, Ashley Madison and even the Internal Revenue Services in the USA, the last twelve months has seen a marked escalation in Black Hat activity. Below are the four top trends that took precedence in 2015