Showing results for "0":
by John Pescatore | June 29, 2011
The calm before the storm – Gartner Security Symposium 2011 before the opening. Last week was a busy week at the 17th annual Gartner Security Symposium, my 12th with Gartner, and my 14th overall. At the conference several attendees asked if I was going to resume blogging and I said I would give it a […]
by John Pescatore | May 17, 2011
Most cost-effective attack launch platform: Amazon Free Tier EC2 or homegrown botnet? Bloomberg reports Amazon EC2 used in Sony Playstation Network attack.
Twelve Word Tuesday: Seventeen Years of Browser Cookie Tracking Drives Need for Do Not Track Features
by John Pescatore | May 10, 2011
The real Y2K disaster: RFC2965 kills RFC2109 and Internet user privacy implodes.
by John Pescatore | May 3, 2011
Using cloud without verifying security: building headquarters lower than the tsunami markers. International Herald Tribune: “Ancestral Markers Warned Japanese of Tsunamis“
by John Pescatore | May 2, 2011
Two weeks ago I traveled to Tokyo and spoke at Gartner’s Information Security and Risk Summit. We surveyed the 300 attendees after the earthquake/tsunami/nuclear power plant disasters and they still wanted to attend the conference, so we were glad to hold it. (Gartner also had a Data Center conference last week in Tokyo, as well.) […]
by John Pescatore | April 1, 2011
Today we have a guest post from Gartner analyst Lawrence Orans: Yesterday, Verisign announced that the .com domain now supports DNS Security Extensions. This development paves the way for the 90 million domains within .com to adopt DNSSEC and extend the chain of trust. DNSSEC should be appealing to any organization that cannot afford to […]
by John Pescatore | March 29, 2011
MySQL.com hacked by SQL injection is like cash injection compromising an ATM. MySQL website falls victim to SQL injection attack
by John Pescatore | March 25, 2011
Back in early 2007, after the CA Browser Forum introduced Extended Validation Certificates, Vic Wheatman, Avivah Litan, Greg Young and I wrote a Gartner Research Note “Extended Validation SSL Certificates: A Big Step Forward, but More Progress Is Needed.” In that note we said: The success of phishing attacks has generated demand to make SSL […]
by John Pescatore | March 15, 2011
When automobile tires or software are > 50% patches, time to replace. Yet more attacks in the wild exploiting yet more Adobe Flash vulnerabilities.
by John Pescatore | March 14, 2011
In about two months, the European e-Privacy Directive on Web cookies will take effect, essentially requiring explicit consent from European users before any form of tracking is done via cookies. The upside of this is, of course, an increase in privacy for web surfers. Opponents, however, are claiming major negative impacts: Without persistent cookies, your […]