Video Vulnerability Alert: Don't Get Shellshocked

Blog Date:  1/15/2015
Author:  Ray Coulombe

In Sept. 2014, a vulnerability known as Shellshock (also known as Bashdoor) was discovered and disclosed. And that's potentially big news for organizations who operate, maintain or otherwise use Linux-based security equipment - which can now be considered vulnerable to hackers.
Integrators and users should attempt to see if products in the systems they sell or have installed might be at risk - but do not simply leave it up to the individual manufacturers to keep you informed of software vulnerabilities.
It also means that integrators should be working closely with their clients' IT departments. Asset Management Inventories are common for hardware, software and security products, but now deeper levels of discovery must be performed by IT. Those involved in systems administration and configuration management need to be especially aware of the composition of products that comprise their total Information and Physical Security Environment. Yes, that means your clients have culpability in information assurance, but working closely with them to patch these vulnerabilities can't hurt.
Link to article

 

Resource Blogs

Most Recent Blog List for Blog Author: Ray Coulombe

Security Specifier Blog List Image for  Stay Safe! While Traveling This Summer

Stay Safe! While Traveling This Summer

It’s summer vacation time! The last thing you need to worry about it is getting your identity stolen while you’re sitting on a beach somewhere exotic. In 2016, more than 15 million Americans were victims of identity theft, up 16 percent from the previous year, according to Experian. Plus, about 33 percent of that fraud took place when people were traveling. Here’s a few tips to staying safe all summer while traveling...
read more -->

Security Specifier Blog List Image for Rethinking Cabling

Rethinking Cabling

Cat 5e became an ANSI/TIA/EIA standard in 2001, Cat 6 in 2002, and Cat 6a in 2008. However, it may be extremely useful to consider taking advantage of other existing cabling infrastructure in lieu of running new. Read more to learn how to approach cabling.
read more -->

Security Specifier Blog List Image for Off the Beaten Path at ISC West

Off the Beaten Path at ISC West

This year at ISC (the International Security Conference and Exposition), I was determined to try to see the latest iStechnologies hiding in the nooks and crannies—literally! I visited booths in the back, the basement, small kiosks hidden inside larger vendor books, and throughout the Emerging Technology Zone.

In case you missed the show, I’ll round up some of the best new technologies and companies to keep an eye on. Read more.
read more -->

Security Specifier Blog List Image for Cyber Crime Taking Down Cities

Cyber Crime Taking Down Cities

Earlier this year, in March, the City of Atlanta’s nearly 8,000 employees heard words they never thought they would hear: “It’s okay to turn your computers on.” Their computers were powered off for five days. In those five days Atlanta residents could not pay traffic tickets, water bills, or report city issues. Read how ransomware impacted this metropolitan area.
read more -->

Security Specifier Blog List Image for A Few Thoughts on K-12 School Security

A Few Thoughts on K-12 School Security

There is no one size fits all when it comes to K-12 school security. Schools vary in so many ways: size, age, local environment, affluence, culture, governance, and more. Read some helpful tips and resources that might just help your school be better prepared.
read more -->


Copyright Ⓒ 2010 SecuritySpecifiers™
>