https://padlet.com/mj_frederick/xp0gbad2vzx0 Network Security en-us 2017-09-30 20:49:39 UTC 2026-03-14 18:10:37 UTC hello@padlet.com https://padlet.com/mj_frederick/xp0gbad2vzx0/wish/300485889 Many other security attributes are covered by specifications such as FC-SW, FC-GS, FC-SB and other standards either approved or in development. Another key development for security is the Storage Networking Industry Association’s (SNIA’s) Storage Management Initiative Specification (SMI-S) standard, which includes a variety of security attributes.
https://www.scmagazine.com/home/security-news/features/5-steps-for-ensuring-storage-network-security/]]> 2018-11-05 14:37:51 UTC https://padlet.com/mj_frederick/xp0gbad2vzx0/wish/300485889 https://padlet.com/mj_frederick/xp0gbad2vzx0/wish/301253589 Employees can sometimes be the cause of attacks against a company’s security network even if it isn’t on purpose like the case with the USGS employee. Situations like this can occur frequently if companies don’t implement contingencies for employees who misuse company property. Using a variant firewall such as a proxy server would allow companies to filter traffic for attacks or undesirable content such as malware or traffic to Web sites hosting adult content and log which employees were mishandling company property. A basic firewall would also suffice preventing employees from visiting websites such as adult and other unproductive sites. ]]> 2018-11-06 21:57:20 UTC https://padlet.com/mj_frederick/xp0gbad2vzx0/wish/301253589 https://padlet.com/mj_frederick/xp0gbad2vzx0/wish/301261739 https://www.scmagazine.com/home/security-news/critical-bleedingbit-flaws-found-in-microcontrollers-used-by-wi-fi-access-points/ 
 

One of the most basic things an individual or an organization can do to protect themselves is ensuring that the devices protecting their network are up to date. Many exploits, like the one mentioned in this article, are almost immediately addressed by device manufacturers with patches available shortly after the such exploits are found. What amounts to minor preventative maintenance can save you from having major problems in the future.]]> 2018-11-06 22:26:33 UTC https://padlet.com/mj_frederick/xp0gbad2vzx0/wish/301261739 https://padlet.com/mj_frederick/xp0gbad2vzx0/wish/301263161 This webcast looks at the challenges of scaling a network correctly and making sure that security is baked in, not stapled on. and a change a pace from the everyday "read this article". Very interactive and engaging from our experience.]]> 2018-11-06 22:32:22 UTC https://padlet.com/mj_frederick/xp0gbad2vzx0/wish/301263161 https://padlet.com/mj_frederick/xp0gbad2vzx0/wish/301289472 We went with a more topical article considering today is election day. Our neighbors to the North, Georgia, have been calling into question the security of their voting systems including the network that transports and centrally tabulates the voting data. The Secretary of State, Brian Kemp who also just so happens to be running for governor, assures the voters that no part of the network has or can be compromised. However, there have been very recent examples of lapses in the security of the network that has lead to extraction of voter PII and even deletion of voting tabulation data in a contested election. The security of the network of voting machines controls the destiny of our democracy. Or we could just switch to, you know, paper ballots like Florida...

https://www.scmagazine.com/home/security-news/state-of-security-georgia/]]> 2018-11-07 00:53:34 UTC https://padlet.com/mj_frederick/xp0gbad2vzx0/wish/301289472 https://padlet.com/mj_frederick/xp0gbad2vzx0/wish/301294841 German researches had discovered (2008) that WiFi protected access encryption can be somewhat cracked.
"The vulnerability exists in the Temporal Key Integrity Protocol (TKIP), a security protocol that replaced the Wired Equivalent Privacy (WEP) standard and was renamed WPA by the Wi-Fi Alliance trade group. It’s main improvement was that it generated new packet encryption keys at frequent intervals” https://www.scmagazine.com/home/security-news/vulnerability-discovered-in-wpa-encryption/


]]> 2018-11-07 01:19:50 UTC https://padlet.com/mj_frederick/xp0gbad2vzx0/wish/301294841 https://padlet.com/mj_frederick/xp0gbad2vzx0/wish/301303418 Flaws in Bluetooth Low Energy microcontrollers from Texas Instruments can allow hackers to gain control of an access point, or overwrite the OS of the access point completely. Using this vulnerability, attackers can gain access to the network with no indication or warning. This method can be used to break network segmentation, which is a primary network security method of keeping unsecured devices from the rest of the network. These microcontrollers are used in a variety of industries such as healthcare, industrial, automotive, retail, and more.
These low-energy microrontrollers allow a user to connect any device to their smartphone or tablet, so if an "airborn" attack happens to the access point it can be a crucial risk.  In order to overcome this risk, there area few things that could be implemented.  With the uses of a stateful packet inspection and specified proxy servers set to only new registered users and the three servers TI uses, bound together with a DMZ system to protect hackers from having access to reverse-engineer or sniff updates, significant amounts of hacking can be prevented.  Port scanners can be embedded to verify the user is on their usual devices, and alerts can be sent out requiring authentication if a system is not recognized.  
Bleedingbit vulnerabilities endanger enterprises by using vulnerable access points in their networks. Besides access points the health sector is potentially affected by these vulnerabilities as the affected chips are used in many medical devices. Even private users might be affected by the vulnerabilities.Customers using these device should determine whether their devices are affected based on how it is being used and whether software updates are possible.]]> 2018-11-07 02:02:58 UTC https://padlet.com/mj_frederick/xp0gbad2vzx0/wish/301303418 https://padlet.com/mj_frederick/xp0gbad2vzx0/wish/301318542 This article is about An error involving in a Salesforce marketing cloud API could have allowed third parties to access data or for data to be corrupted.
“During a Marketing Cloud release that was rolled out between June 4, 2018 and July 7, a code change was introduced that may have caused a small subset of REST API calls to improperly retrieve or write data from one customer’s account to another,” the company said in an advisory.
https://www.scmagazine.com/home/security-news/cloud-security/salesforce-api-error-left-data-accessible/]]> 2018-11-07 03:30:41 UTC https://padlet.com/mj_frederick/xp0gbad2vzx0/wish/301318542