We Got Hacked, Now What?
Hopefully you really have a good answer for this. Getting hacked is no longer a distant probability; it’s a harsh reality. The most recent incident was Evernote losing customer information including email addresses and passwords to a hacker. I’m an Evernote customer and I watched the drama unfold from the perspective of an end user. [...]
Is security that complicated
I recently had to set up an account with a US Government web site. I had a dickens of a time picking a password. They had amazing rules: The first character needed to be a number. The password had to have at least 7 characters, but no more than 12. Only lower-case letters could be [...]
Executive Order: Improving Critical Infrastructure Cybersecurity
Heck, we wouldn’t be bloggers, and we wouldn’t care about our industry, cloud or information security if we didn’t spend time reading this executive order and seeing what hidden neat treats there are in there. Overall I am impressed with this executive order as it looks like someone actually thought about it in the first [...]
Kim Dot Com’s new Mega site has XSS Security Holes
Any new site, not just Mega is going to have security holes, and reports have surfaced in Twitter, Reddit, and over on ZDNet that Mega has a couple of persistent XSS security holes that are going to make users days a little bit harder. Beyond the crypto issues that you can read on ZDNet, persistent [...]
Understanding Shodan HQ for hacking and cyber warfare
Understanding Shodan HQ for hacking and cyber warfare Shodan HQ is probably one of the more interesting web sites that few people know about. Shodan scans the internet looking for devices that people have left unsecured or with default if any login information. Sometimes a web site just makes you happy, and Shodan has shown [...]
Presentation: Cloud Security Management – Overview and Challenges
What’s your first priority cloud security concern ? From an attacker’s perspective, cloud providers aggregate access to many victims’ data into a single point of entry. As the cloud environments become more and more popular, they will increasingly become the focus of attacks. Some organizations think that liability can be outsourced, but no, it cannot! [...]
AppSense Trying To Make Personal Clouds Enterprise Worthy
AppSense, the NewYork based company focussed on Virtualization solutions, today announced their research wing, AppSense Labs, focussed on bridging the gap between personal services and enterprise. They also announced their first product under AppSense Labs called DataLocker (iTunes link for iPad and iPhone). This got my attention for two reasons: As the so called consumerization [...]
Video: Cloud In The Eyes Of VCs
From time to time, we post videos from different vendors on their take about cloud marketplace. Below is a video of Okta CEO, Todd McKinnon, talking to two of their VCs Ben Horowitz (from Andreessen Horowitz) and David Weiden (from Khosla Ventures) about their take on where cloud is heading. While we take pride in [...]
Verizon Acquires CloudSwitch To Beef Up Terremark Enterprise Cloud
Verizon (previous CloudAve coverage) yesterday announced that they are acquiring CloudSwitch (previous CloudAve coverage), the Burlington based company founded in 2008 to make life easy for enterprises to extend their datacenter into the cloud, for an undisclosed sum. With this move, Verizon has made it even more clear that they are serious about the enterprise [...]
What is Really Holding the Cloud Back?
As I was listening to speakers at Structure Conference this year, something caught my attention and changed my thinking on cloud priorities. When IT decision makers are asked to rate the top challenges for cloud adoption, security always rises to the top. Security, security, security. At Structure, I heard something slightly different from Microsoft’s Satya [...]
Apigee Asks: Is Your API PCI Compliant?
Apigee (previous CloudAve coverage), the API management company formerly known as Sonoa Systems, yesterday launched PCI-Compliant API management solution in the cloud. As we move into an increasingly platform based world where APIs are the key, the next important issue we, as an industry, have to tackle is security. Already companies like Apigee, Mashery, etc [...]
VMware Horizon App Manager – A Quick Analysis
Whether you want to call it consumerization of enterprises or democratization of IT, we know that it is happening already and no FUD can stop them anymore. Instead of fighting this process, today’s smart enterprises are embracing them by empowering their users to securely use SaaS and other consumer applications. VMware realized this trend and [...]
One Firewall for a United Europe
Does Europe need a firewall much like the famous Great Firewall of China? As we continue to struggle with the ideas of the internet, censorship, and illegal activity, Torrent Freak is reporting about a movement for the “Great Firewall of Europe”. …
The LastNews (!) You Want to Hear is LastPass Hacked. Now What?
Password management service LastPass notified users their servers may have been hacked. I take a minute break, let it sink in. Yes, this is the one (Last) uber-super secure system you trust with ALL your passwords. Ouch. But despite the hacking, LastPass says users who had a strong master password in the first place are [...]
New Gmail Scam making the rounds
Again with the warnings: do not click on that link or reply to that email a new Gmail scam is making the rounds today. Don’t give out your e-mail information, including user name and password. The e-mail contains this text: We are shutting down some accounts due to congestion in our database system and your [...]
