Introduction One of the Oracle Database Listener features for protecting your Oracle databases from malicious attacks from unauthorized locations is by implementing the Valid Node Checking (VNC) feature. Through this feature, access to the database can be restricted based on the IP address (or host name) of the client machine attempting to connect to the database. The Oracle database Listener validates the IP address (or host name) of the incoming client machine against the “allow” or “deny” rules specified in sqlnet.ora file before opening up a connection to the database. Although this is not a new feature and has been…
Author: Information Security Buzz Editorial Staff
Mobile Application Security still has a long way to go, especially when you look at the Hewlett Packard Enterprise (HPE) study, saying that when 36,000 apps passed through 10 privacy checks, 96% of those failed in at least one of them. The same study three years ago, revealed 97% of 2000 apps, failing in at least one privacy area. There has been an increasing awareness to take mobile app security into account. As there is an exponential surge in the usage of mobile apps, so does in case of an app security. Herein, let us discuss 5 critical mobile app…
Internet security expert McAfee has unveiled a new security hub – the “Ultimate Guide to Security Threats” – as part of a campaign to educate the general public about the increasing danger to their personal information online. There were 5.1 million online fraud incidents and 2.5 million cybercrime offences reported in England and Wales in the last year alone. Despite this worrying level of crime online, internet security experts McAfee found that the average member of the UK public is still under-educated when it comes to protecting themselves online. In a recent survey carried out by the internet security expert, 90% of…
An increasingly diverse range of connected objects has joined the Internet of Things (IoT) in recent years. Whilst the IoT was once primarily the province of consumer gadgets and wearables, it now includes a growing number of luxury products such as connected cars and smart home systems. Indeed, according to IDATE, 420 million drivers will generate a connectivity market amounting to €9 billion by 2020. However, with cars increasingly becoming computing platforms rather than simply a means of travelling from A to B, they are also becoming more attractive targets for hackers. This is backed up by evidence, such as…
According to a recent survey, 65 percent of respondents indicated that they believed their organization would experience a security breach at some point in the future. While this percentage may, or may not seem astounding, the culprit seems to be one of the oldest issues out there – compromised credentials. Ever since passwords came in to use at MIT back in the 1960s as an attempt at controlling timesharing in their computer lab, people have tried to find ways around them, usually for nefarious purposes. It stands to reason that more than 50 years later, someone would have figured out…
Following the news of an Anonymous hacker gaining access to Turksih citizens’ hospital information, David Emm, Principal Security Researcher at Kaspersky Lab commented on this news below. David Emm, Principal Security Researcher at Kaspersky Lab, said: The news of an Anonymous hacker gaining access to Turkish citizens’ hospital information is another warning to manufactures and developers that medical equipment needs to be secure before being used to care for patients. There are a range of motives for all kinds of cyber-attack, ranging from financial gain, the desire to make a social or political point, cyber-espionage or even, potentially, cyber-terrorism. In…
Following the news that hackers are targeting the US presidential campaigns, IT security experts from Tripwire provide insight into the motivations of the attacks and what we can expect in the run up to the election: Dwayne Melancon, CTO and VP, Research & Development at Tripwire: “We know that ‘hacktivists’ tend to look for high-profile targets, either to disrupt them or to spread the word about disagreement with a particular cause. In this case, the US presidential election fits the bill – it is a contentious race, and a lot of people are watching. What’s curious in this case is that, while…
With the submission period for faster payment solution proposals having recently come to a close, the Federal Reserve’s Faster Payments Task Force will soon face the onerous task of reviewing the proposals. Part of that review will include security. By their very nature, these systems process payments in near or actual real-time, and are irrevocable. The task force must consider how financial institutions can protect themselves and their customers against fraud in these new time frames. The Faster Payments Task Force began accepting faster payment solution proposals from the private sector on April 1. The proposals will be analyzed using…
With the news of the Pavlok wristband which conditions wearers into good behaviour by using shock therapy, Liviu Itoafa, security researcher at Kaspersky Lab responded below. Liviu Itoafa, security researcher at Kaspersky Lab “Following the news of the Pavlok wristband which conditions wearers into good spending behaviour by using shock therapy, it is important to factor in the security implications of such wearable devices. Wearables face the same security threats as traditional computers. In fact, innovative devices are sometimes even more susceptible to traditional threats. Perhaps even worse yet, in time, these devices will face innovative threats. According to reports, the device…
The news headlines are increasingly filled with news of cyber attacks hitting organisations, as they become more prevalent and sophisticated. It is therefore of no surprise to hear that the UK Government has decided to invest £1.9 million over the next five years into protecting Britain from cyber attacks. Consequently, cyber security has become a hot topic for UK businesses. Meanwhile, a shortage of skilled cyber security professionals is likely to push up the cost of protecting the enterprise from the cyber criminals intent on targeting UK companies. As the findings of our recent Corporate Security in 2016 survey reveal, IT leaders…
