HP And The Scary Corporate Fifth Column Concept – Hacked Off – Dark Reading

HP And The Scary Corporate Fifth Column Concept – Hacked Off – Dark Reading.

Rob Enderle discusses employees leaking proprietary information to competitors. Rob focuses on Oracle’s efforts against HP, speculating that Larry Ellison’s hiring of Mark Hurd is part of a plan to acquire HP.

During a battle–competitive, political, or otherwise–detailed information about the other side’s strategy, weaknesses, and tactics can result in huge benefits for the firm that acquires it. In security, it is our job to plug leaks–which are difficult to find–to identify the potential for them. On the short list would be executives or employees who were passed over for critical promotions, complained about abuse, were identified as surplus but still working, or who were known to be disgruntled and aggressively looking for outside work.

Employees like this should be considered a security risk. Care should be taken to control the information they have access to, specifically looking for indications that information coming into their possession isn’t being passed outside the company.

Oracle fixes add to massive patch load expected Tuesday – SC Magazine US

Oracle fixes add to massive patch load expected Tuesday – SC Magazine US.

Of the 81 fixes in Oracle’s quarterly patch release, seven of them are for databases.

The question is how long will it take to test and install these patches? Experience says months. That means your systems will be exposed to these vulnerabilities for months.

I am by no means suggesting you should rush the deployment of these patches. Thorough testing is a must.

The answer is the virtual patching capability of Sentrigo, a database protection solution. In a matter of days, if not sooner, Sentrigo updates their agents protecting your databases with new “vulnerability signatures” that protect against threats looking to exploit the well documented vulnerabilities for which Oracle is providing patches.

In many cases, Sentrigo ships the “vPatches” before Oracle ships their patches.

We recommend Sentrigo as a core component of our next-generation defense-in-depth architecture.