
Chris Foot

Remote DBA Experts Blog

The age of cybermercenaries [VIDEO]

Wed, 2015-03-04 12:23

Hi, welcome to RDX. Another group of cybercriminals, which has been dubbed Desert Falcons, was discovered by Kaspersky Lab researchers. The organization’s operations typically target the Middle East, but its reach is expanding to Europe and North America.

Desert Falcons specializes in cyberespionage. After infiltrating an infected system, the perpetrators will insert backdoor malware designed to pull data continuously. Its flagship Trojan can take screenshots, log keystrokes, upload files and steal passwords.

The discovery of Desert Falcons is a reminder of how the hacker underground has evolved since the 90s. This particular organization acts as a contractor. This means criminal figures, political groups and other entities can hire Desert Falcons to conduct a variety of surveillance endeavors.

How do you combat these groups? Working with a team of experts to install database monitoring tools and constantly assess backend systems. Thanks for watching!

The post The age of cybermercenaries [VIDEO] appeared first on Remote DBA Experts.

3 things we learned from the Linux Collaboration Summit

Thu, 2015-02-26 12:32

On February 13th, developers participating in the Linux project assembled in Santa Rosa, California to assess the kernel's development over the past year. It's been nearly 20 years since Linux 1.0 was released, and the solution has evolved considerably since then. 

InformationWeek contributor Charles Babcock acknowledged statements made by Dan Frye, IBM's vice president of open systems, who maintained that Linux is one of a kind, given the fact that the project has grown so much since its inception. During the conference, a number of Linux facts were brought up that some may not be aware of. Let's take a look at some of these findings.

1. Developer profile expands
According to Ars Technica, an estimated 2,000 developers were added to the Linux project over the past 15 months, making up nearly 50 percent of all the engineers currently writing code for the OS kernel. The news source cited a report released by the Linux Foundation around the time of the Collaboration Summit.

"Linux kernel 3.15 was the busiest development cycle in the kernel's history," noted the Linux Foundation, in an announcement, as quoted by the news source. "The average number of changes accepted into the kernel per hour is 7.7, which translates to 185 changes every day and nearly 1,300 per week." 

2. Linux is reaching 19 million lines of code
Babcock noted that when Linus Torvalds first disclosed the open source kernel, Linux had 10,250 lines of code. In December of last year, exactly 18,997,848 lines of code were featured in the 3.18 kernel. Six releases were unveiled throughout 2014, resulting in 1 million lines being added. 

This speaks to just how much the kernel has grown over the past two decades. It acknowledges just how much you can do with this program, and why it's the OS of choice among many system administrators. 

3. Its development rate is accelerating 
With more developers on board and a sizeable code portfolio, one could imagine kernel releases are hampered by the pains of exchanging ideas among so many contributors. However, this isn't the case. The Linux project has fully adopted the ideals behind open source development – that software should be continuously revised whenever changes are made. 

Now, a new Linux kernel is released about every 70 days or so. The 3.18 version was developed and released after 63 days of collaboration, according to Babcock. It's a testament to Linus Torvalds' mission of creating a best-in-class OS kernel. 


Database security monitoring identifies employee wrongdoing [VIDEO]

Thu, 2015-02-26 09:01


Hi, welcome to RDX! When it comes to security, many think about external threats, but rarely regard internal forces. Yes, we’re talking about the disgruntled employees.

Don’t think that’s much of a concern? A survey conducted by Harris Interactive found that 19 percent of workers aged 18 to 34 said they would steal company information if they knew they were going to be fired. In addition, 16 percent of respondents noted they were able to access systems through old user authentications.

Not only do database monitoring programs assess systems for malware and spyware, they also record user activity. This means when unauthorized persons gain entry to a database, a team of DBAs is notified of the situation. In some cases, this technology can be adjusted to block those using outdated credentials from accessing the databases entirely.
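
The check described above, sketched in Python as an added example (it is not RDX's tooling or code from the original post): match database audit events against accounts that have been deprovisioned and flag any activity after the cutoff. The log format, account names, addresses and dates are all constructed for the illustration.

```python
from datetime import datetime

# Constructed sample data: accounts reported as terminated, with the time
# each credential should have stopped working.
DEPROVISIONED = {
    "jsmith": datetime(2015, 2, 20, 17, 0),
    "svc_legacy_etl": datetime(2015, 1, 31, 0, 0),
}

# Constructed audit lines in a hypothetical
# "timestamp|user|source_ip|event|status" export format.
AUDIT_LOG = """\
2015-02-19 09:12:03|jsmith|10.0.4.21|LOGIN|SUCCESS
2015-02-24 22:41:17|JSmith|203.0.113.50|LOGIN|SUCCESS
2015-02-24 22:43:02|jsmith|203.0.113.50|QUERY|SUCCESS
2015-02-25 08:00:11|akhan|10.0.4.33|LOGIN|SUCCESS
2015-02-25 08:05:40|svc_legacy_etl|10.0.9.8|LOGIN|FAILED
truncated line with no delimiters
"""


def parse_line(line):
    """Parse one audit line; return None for anything malformed."""
    parts = line.strip().split("|")
    if len(parts) != 5:
        return None
    ts, user, ip, event, status = parts
    try:
        when = datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")
    except ValueError:
        return None
    # Account names are compared case-insensitively.
    return {"when": when, "user": user.lower(), "ip": ip,
            "event": event, "status": status}


def find_stale_activity(log_text, deprovisioned):
    """Return (alerts, skipped) for activity by deprovisioned accounts."""
    alerts, skipped = [], 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            skipped += 1  # count unparsed lines: silent drops are blind spots
            continue
        cutoff = deprovisioned.get(rec["user"])
        if cutoff is None or rec["when"] < cutoff:
            continue
        # SUCCESS: the old credential still works. FAILED: someone tried it.
        rec["severity"] = "critical" if rec["status"] == "SUCCESS" else "warning"
        alerts.append(rec)
    return alerts, skipped


def accounts_to_lock(alerts):
    """Accounts whose outdated credentials were accepted and must be disabled."""
    return sorted({a["user"] for a in alerts if a["severity"] == "critical"})


if __name__ == "__main__":
    alerts, skipped = find_stale_activity(AUDIT_LOG, DEPROVISIONED)
    for a in alerts:
        print(a["severity"].upper(), a["when"], a["user"], a["ip"],
              a["event"], a["status"])
    print("lock:", accounts_to_lock(alerts), "| unparsed lines:", skipped)
```
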

Thanks for watching! Check back next time to learn how database monitoring services can help protect your information.


Meet the new face of bank robbery

Thu, 2015-02-26 02:43

Bandits equipped with revolvers and bandoleers aren't that big of a threat compared to a small army of cybercriminals armed with laptops. Why go through the trouble of physically robbing a bank when you can hack into its databases?

Once a hacker successfully infiltrates a financial institution's database, a wealth of information is at his or her disposal. They're after customer data, enabling them to siphon money from checking and savings accounts, and use other data that could prove a sustainable source of income.

The work of groups
Much like how it was in the old west, the smart perpetrators aren't working alone. The more people you have on your side, the better chance you have of winning. At the Kaspersky Security Analyst Summit in Cancun, Mexico, which took place earlier this month, attendees unmasked Carbanak, a cybercrime gang whose members are located across Russia, Ukraine, other European countries and China.

Carbanak has been responsible for pilfering approximately $1 billion over two years from 100 banks from Australia to the United Kingdom. The organization employs spear-phishing attacks that zero in on bank employees, and also favors using remote Trojan backdoors that spy on infected users, steal data and provide access to infiltrated machines.

Kaspersky Lab's Sergey Golovanov, principal security researcher at the firm's global research and analysis team, noted that one bank reported being hit multiple times by the gang. Its systems were ultimately infected by exploiting unpatched versions of Microsoft Office.

Invested in their work
What shocked InformationWeek's Susan Nunziata so much was that spear-phishing campaigns were so successful. The phishing emails were so well written that employees believed such messages were sent from fellow colleagues. Based on Kaspersky's insights, the Carbanak hackers dedicated an incredible amount of time and resources refining their tactics.

The security research firm's report showed that attackers infected video surveillance equipment to monitor bank clerk behaviors. In addition, Carbanak members used monitoring tools that enabled them to further mimic employee actions. Whenever the gang would successfully infiltrate a bank, it would assess its processes and networks for anywhere between two and four months, making away with an estimated $10 million per hack.

This situation underlines the need for database monitoring tools that can spot peculiar activity. It's only a matter of time before such malicious operations impact financial institutions in the U.S., and it's time they brace themselves.

About RDX
Since its inception in 1994, RDX has helped hundreds of organizations lower database administration support costs while increasing performance and availability. RDX provides 100 percent US-based, 24×7 support for Oracle, Oracle EBS, SQL Server, PostgreSQL, MySQL and DB2 databases as well as operating system support for all major Windows, Unix and Linux offerings.

RDX's highest priority is to safeguard its customers' sensitive data stores, and its expert staff of highly-trained professionals is backed by a monitoring and support infrastructure that has been continuously improved and enhanced throughout its 20-year history.


Microsoft addresses bug that impacts all Windows iterations [VIDEO]

Wed, 2015-02-25 10:33


Hi, welcome to RDX! Microsoft finally addressed a bug that could have enabled hackers to initiate man-in-the-middle attacks. The vulnerability was discovered nearly 15 years ago by JAS Global Advisors, a security firm from Chicago.

The flaw, which was dubbed JASBUG, posed grievous concerns for many organizations. In some cases, JASBUG could allow a figure to install malware, manipulate data or create administrator accounts. All of these actions were conducted through a business’s Active Directory.

Why did it take so long to address? Silicon Angle noted JASBUG was rooted in the Windows OS design. This meant that Microsoft had to re-engineer central components of its flagship OS and add a list of new functions. The patch should be implemented once users reboot their systems.

Thanks for watching!


How will the BI industry progress in 2015? [VIDEO]

Tue, 2015-02-24 14:38


Hi, welcome to RDX! Nowadays, almost every company uses business intelligence tools. Whether measuring return on investment or identifying your most popular products, BI can be an integral part of your operation.

But how will the technology progress in 2015? For one thing, it’s likely that new iterations of relational databases will receive integrated analytics functions. SQL Server is one particular solution that has become more compatible with Power BI, Microsoft’s signature BI application.

Mobile analytics has garnered much attention, but, in general, most implementations aren’t as flashy as some users would like them to be. However, many companies are engineering their apps to perform data analysis on the backend. This means servers running SQL databases will do the heavy lifting.

Thanks for watching! If you want to know how BI tools can be integrated into your databases, consult a team of DBAs.


SQL injections still on the rise [VIDEO]

Mon, 2015-02-23 12:28


Hi, welcome to RDX! SQL injections have been around for some time. However, they’re not necessarily outdated. Cybersecurity experts have noted that hackers are still using SQL injections to infiltrate databases.

Although the number of SQL injection-based attacks declined steadily over the past several years, 2014 saw a sharp uptick of such instances. DB Networks blamed the deadlines and cost constraints many software development projects operate under. These restrictions sometimes cause engineers to skimp on the back-end security components necessary to maintain application integrity.

The question is, are your databases open to SQL injections? Have a team of DBAs assess your software’s data transaction algorithms. Scrutinize every SQL query your applications initiate, and you’ll be able to identify any problem areas that may leave you open to attack.

Thanks for watching! Check in next time for more SQL security news!


The Database Protection Series- Vulnerability Assessments

Fri, 2015-02-20 09:07

This is the fourth article of a series that focuses on database security.  In my introduction, I provide an overview of the database protection process and what is to be discussed in future installments.   In last month’s article, we finished our discussion of the most common threats and vulnerabilities.  In this latest installment, we’ll review the database vulnerability assessment process.  We’ll begin by learning how to perform an initial database vulnerability assessment.   In addition, we’ll discuss the importance of performing assessments on a regular basis to ensure that no new security vulnerabilities are introduced into our environment.

Vulnerability Assessment Overview

The vulnerability assessment provides a detailed security analysis of the database systems being protected.  Their release and patch levels are identified and compared to vendor security patch distributions, and the assessment also measures how well industry and internal security best practices are being followed.   The vulnerabilities found span the spectrum, from weak and default passwords to unpatched (and often well-known) database software weaknesses.

Ranking the vulnerabilities allows the highest priority issues to be addressed more quickly than their less important counterparts.  After the vulnerabilities are addressed, the configuration is used as a template for future database implementations.  The configuration assessment template document should be reviewed monthly to ensure that it protects against newly identified database system and administrative process vulnerabilities.

Third-Party Vulnerability Scanners

You will notice that I often refer to the McAfee database security protection products in my blogs.  If you are truly serious about protecting your database data, you’ll quickly find that partnering with a security vendor is an absolute requirement and not “something nice to have.”   Since RDX offers breach protection as a service, we needed to choose a leading vendor that has a strong offering in the database security space.

To better understand the benefits that these products provide, I’ll use McAfee’s vulnerability scanner as an example.   This isn’t a sales pitch for the product or the vendor; it is the product that RDX chose and, as a result, the one whose features I have the most experience with.   There are numerous scanning products available on the market to choose from.

The McAfee Vulnerability Manager is a security software product that uses a library of predefined vulnerabilities to scan the database being evaluated.   McAfee’s security labs, consisting of 400 researchers, have created over 4,700 vulnerability checks that evaluate the potential risks generated from a myriad of threat vectors.

Here’s a laundry list of the benefits that McAfee provides to RDX.   As stated previously, the intent is to highlight the capabilities these types of products provide and why they are so important to achieving our goal of safeguarding our sensitive database data stores.

  • Scanner rules are automatically updated regularly to identify new vulnerabilities
  • Provides templates for PCI DSS, SOX, HIPAA and other regulations, as well as user defined scans for DBAs, developers, and security teams
  • 4,800 vulnerability checks including:
    Auditing, OS Tests, Backdoor Detection, PCI DSS Checks, CIS Benchmarking, Password Discovery, DB Configuration, Patch Checks, Credit Discovery, STIG Benchmarks, Custom Checks, Unused Features, Data Discovery, SQL Injection, Default Password, Buffer Overflows, Weak Passwords, Insecure Code, Shared Passwords, Code Weaknesses, Release/Patch Versions, Encryption Discovery
  • Provide actionable intelligence on how to address risks, including fix scripts whenever possible
  • Ability to discover databases and tables containing sensitive data automatically
  • Conducts port scans to identify database version and patch status
  • Supports major database platforms including Oracle, SQL Server, DB2, MySQL
  • Automates discovery of databases on the network
  • Locates and identifies tables containing sensitive information
  • Presents findings in preconfigured reports for various compliance standards
  • Reports order items by priority

After reviewing the product’s features, it is obvious that scanning tools, as a class of products, offer a wealth of benefits.  McAfee’s vulnerability scanner provides templates for several industry regulatory requirements.   This allows RDX to scan customers’ environments to quickly demonstrate proof of compliance for PCI DSS, SOX, HIPAA, GLBA, etc.  The recommendations are prioritized based on vulnerability and consist of the vulnerability definition, ranking and instructions to correct.  As stated at the beginning of this article, ranking the vulnerabilities allows the highest priority issues to be quickly addressed.

Ongoing Vulnerability Scanning

Once the database vulnerabilities have been identified and addressed, the challenge is to ensure that the internal support team’s future administrative activities do not introduce any additional security vulnerabilities into the environment.  Subsequent scans, run on a scheduled basis, ensure that no new security vulnerabilities are introduced into the environment.
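
The ranking step from the overview and the scheduled re-scan described here can be combined in a few lines. This is an added example, not McAfee's or RDX's code: it ranks findings by severity and compares a later scan against the accepted baseline to surface anything introduced or worsened since. The database names, findings and four-level severity scale are constructed assumptions; the check names are taken from the list above.

```python
# Assumed severity scale for the example; lower number = fix first.
SEVERITY_ORDER = {"critical": 0, "high": 1, "medium": 2, "low": 3}

# Constructed baseline: residual findings accepted after the initial assessment.
BASELINE = [
    {"db": "ordersdb", "check": "Unused Features", "severity": "low"},
    {"db": "hrdb", "check": "Patch Checks", "severity": "medium"},
    {"db": "ordersdb", "check": "Weak Passwords", "severity": "medium"},
]

# Constructed result of a later scheduled scan.
CURRENT = [
    {"db": "ordersdb", "check": "Unused Features", "severity": "low"},
    {"db": "hrdb", "check": "Patch Checks", "severity": "high"},
    {"db": "hrdb", "check": "Default Password", "severity": "critical"},
    {"db": "reportdb", "check": "Shared Passwords", "severity": "medium"},
]


def severity_rank(finding):
    # Unknown labels sort ahead of everything so they get reviewed, not buried.
    return SEVERITY_ORDER.get(finding["severity"], -1)


def rank(findings):
    """Order findings so the highest-priority issues come first."""
    return sorted(findings,
                  key=lambda f: (severity_rank(f), f["db"], f["check"]))


def compare_scans(baseline, current):
    """Classify differences between the baseline and a later scan."""
    base = {(f["db"], f["check"]): f for f in baseline}
    cur = {(f["db"], f["check"]): f for f in current}
    return {
        # Present now, absent from the baseline: newly introduced.
        "introduced": rank(f for k, f in cur.items() if k not in base),
        # Same finding, but more severe than when it was accepted.
        "worsened": rank(f for k, f in cur.items()
                         if k in base
                         and severity_rank(f) < severity_rank(base[k])),
        # In the baseline, no longer reported.
        "resolved": rank(f for k, f in base.items() if k not in cur),
    }


if __name__ == "__main__":
    diff = compare_scans(BASELINE, CURRENT)
    for label in ("introduced", "worsened", "resolved"):
        for f in diff[label]:
            print(f"{label:<10} {f['severity']:<8} {f['db']:<9} {f['check']}")
```
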

Leveraging Database Security Best Practices to Reduce Vulnerabilities

What happens if your organization doesn’t have the funds to purchase a vulnerability scanning product?   There are numerous discussion forums and code depots on the web, so you can find homegrown scripts that may help. However, you are certainly exposing your environment to unidentified security vulnerabilities if you depend solely on these publicly provided solutions.

A much better alternative is to utilize database administration security best practices, which include database hardening procedures, to reduce the number of potential vulnerabilities.  I’ll cover administrative best practices in my next article.  We’ll take an in-depth look at the benefits of database hardening and its direct impact on reducing vulnerabilities.

Thanks for reading!


4 To-dos before migrating from Windows Server 2003 [VIDEO]

Fri, 2015-02-20 08:24


Hi, welcome to RDX! Microsoft support for Windows Server 2003 ends in mid-July. So, what do you need to do to prepare?

First, assess your hardware. How many machines are running 2003? What are the component details of those servers?

Second, create a performance portfolio of servers operating on 2003. How heavily were these assets utilized? Were any machines used less than 50 percent throughout their lifecycles?

Third, get rid of the systems your business doesn’t require. Unless you’re planning on expanding, there’s no point in trying to find use for servers that aren’t needed.

Fourth, develop a list of solutions and services that can be provisioned onto existing servers. The more workloads that can be consolidated onto individual systems, the leaner your business will be.

Thanks for watching! If you need guidance migrating from Windows Server 2003, check out our OS support page to find out how we can help.


Stock brokers do a fine job of securing assets [VIDEO]

Thu, 2015-02-19 08:17


Hi, welcome to RDX! Recently purchased stock? Worried about hackers stealing your investment data? Have no fear – your broker’s cybersecurity plan is likely up to par.

The Securities and Exchange Commission recently surveyed 106 financial advisories, assessing their ability to protect client information. Each firm’s software, back-end systems, devices and strategies were scrutinized. The SEC discovered 89 percent of brokers audited their own cybersecurity policies to make sure they complied with federal standards.

Brokerage firms didn’t stop there – 71 percent of them outlined cybersecurity requirements in their contracts with vendors and business partners. In addition, more than half of brokers currently pay for cybersecurity insurance.

This approach is a prime example of what makes a complete data protection plan. Want to know how RDX can help you develop a strategy? Check out our database security monitoring page to learn more!


Can you detect the malware on your machines?

Wed, 2015-02-18 08:43

There's nothing worse than having a nefarious digital worm weaving in and out of your servers, stealing information from enterprise applications and databases under the guise of a legitimate file.

An open source mentality
Unfortunately, malware is engineered much like how open source software is: A community of developers (in this case, hackers) are given access to a machine where a program can be continuously updated and refined.

Some would argue that malware construction is a process capable of accessing more resources, as cybercriminals view such programs as their bread and butter. Sure OSS developers make money, but the solutions they create aren't their direct sources of income.

Bottom line: Malware is sophisticated. Thankfully, there are services and monitoring solutions capable of detecting such programs, providing experts with the insight to eradicate it.

Why is malware so pesky?
There's a reason why malware has been the bane of many operations (see our post about malicious programs that target banks). According to InfoWorld contributor Roger Grimes, one reason common computer and server surveillance software fails to identify malware is that professional malware authors write their programs to self-update whenever they're detected. Grimes maintained that "no [antivirus] product is 100 percent accurate. No product is going to be superaccurate over the course of a year."

With this perspective considered, Grimes highly advised systems administrators to ensure their OSs are fully patched. Given the limited resources and time sysadmins have, hiring a team of outside experts may be advisable. Being able to access the expertise of professionals who constantly stay in the know about new Linux and Windows server bugs is invaluable.

A helpful resource
While not the only antimalware program available for Linux, Maldet is one that is particularly useful for detecting PHP backdoors, darkmailers and a list of other malicious files that can tarnish a website, according to Tecmint. The program can run on a number of Linux distros such as RHEL 7.0, CentOS and Fedora version 21 through 12. There are plenty of self-help guides that can provide Linux users with the knowledge they need to install and configure Maldet based on their organization's needs. The antimalware solution enables system administrators to take advantage of email alerts, quarantine options, scan options, statistical analysis and monitoring capabilities.

Again, Maldet is just one of many antimalware programs. If you're unsure as to which one is a good fit for your operations, it may be best to consult a group of experts on the matter.



RHEL 7.1 gains Power8 processor support [VIDEO]

Wed, 2015-02-18 08:34


Hi, welcome to RDX! Red Hat Enterprise Linux 7.1 may still be in beta, but some of its features are definitely worth noting.

V3 noted that IBM has made the Power8 version of RHEL 7.1 available via its Power Development Platform. Support for Power8 was implemented through the little endian instruction format. System administrators can download 7.1 for testing purposes.

The shift to little endian mode is essential, because it opens IBM’s Power platform to a wider Linux ecosystem. This move ultimately adds value to IBM’s Power Systems and z Systems mainframe businesses.

Wondering how this technology could affect your systems? Consult a team of Linux experts to determine whether migration from the x86 architecture to Power Systems is right for you.

Thanks for watching!


Did your data survive Juno? [VIDEO]

Tue, 2015-02-17 08:09


Hi, welcome to RDX! A couple of weeks ago, the Northeastern U.S. was hit by Juno, a blizzard that got us thinking about disaster recovery.

Take insanely cold weather, two feet of snow and strong winds, and you’ve got yourself the makings of an outage. There’s a chance all those tree limbs hanging over power lines may initiate a DR plan. Ensuring your data center’s generators are protected from the cold is an essential part of keeping systems online.

But what if the worst occurs? This is where a database and server replication strategy comes into play. GoldenGate, a solution that supports log-based bidirectional data replication, can help you replicate applicable information and migrate it to online servers.

Thanks for watching! If you want to learn about how RDX can help you develop a replication strategy, check out our services page in the transcript!


Next Windows Server edition postponed 'til 2016 [VIDEO]

Fri, 2015-02-13 10:50


Hi, welcome to RDX! With all the talk about Windows 10, systems administrators are wondering what’s in store for the next version of Windows Server.

Apparently, interested parties will have to wait until 2016. ZDNet’s Mary Jo Foley noted Microsoft intends to further refine its flagship server operating system instead of releasing it at the same time as Windows 10.

Windows Server 2003 will cease to receive any support from Microsoft this July. As a result, it’s expected that companies will upgrade to Windows Server 2012 R2. In light of this prediction, some have speculated that a new version of Windows Server would not receive the adoption rates Microsoft would want to see.

Thanks for watching! Check in next time for more OS news.


Health care needs and database service requirements

Fri, 2015-02-13 08:03

Delivering affordable, quality care to patients is an objective every health care organization in the United States would like to achieve, but doing so necessitates the appropriate backend systems. 

From a database administration service standpoint, hospitals, care clinics and other institutions require solutions with strict authentication protocols and integrated analytics functions. In addition, these databases must be accessible by those who frequently view patient information. These needs demand a lot from DBAs, but sacrificing operability isn't an option. 

Assessing the health care arena 
Bruce Johnson, a contributor to Supply Chain Digital, outlined how U.S. health care providers are managing the industry's forced evolution. The implementation of the Affordable Care Act incited a wave of supply chain redevelopment, technology consolidation and electronic health record systems integration. It's an atmosphere that has administrators and upper management wearing more hats than they can fit on their heads. 

Consider the impact of EHR solutions on health care workflow. The primary reason why their deployment is required by law is because they promise to allow professionals in the industry to share patient information more effectively. For example, if a person's primary care physician suspects that his or her patient may have spinal problems, the PCP may refer that individual to a chiropractor. In order to provide the specialist with as much information as he or she needs, the PCP delivers the patient's EHR to the chiropractor.

What does this mean for databases? 
EHR software primarily handles structured information, containing data regarding an individual's ailments, past medications, height, weight and so forth. Therefore, it makes sense that these solutions would operate on top of databases using structured query language. 

One of the reasons why relational engines such as MySQL, SQL Server and Oracle 12c are necessary is because of the transaction protocol these solutions abide by: atomicity, consistency, isolation and durability.

According to TechTarget, what the ACID model does is ensure that data transfers or manipulations can be easily monitored and validated. The rule set also negates the prevalence of unauthorized or invalid data transportation or changes. For example, the "consistency" component of ACID returns all information to its original state in the event a transaction failure occurs. 

With this protocol in mind, health care organizations using relational databases to support their EHR systems should consult a database monitoring service. As EHR hold a wealth of sensitive information, hackers are likely to target these records whenever possible. 


4 ways hackers can infiltrate your systems

Thu, 2015-02-12 03:06

With the number of data breaches that have occurred of late, it's a wonder how hackers are managing to take advantage of what some would regard as solidly-built systems.

It's best to think of the cybercriminal underworld as an open source community. These figures help each other identify vulnerabilities in a wide variety of vendor-based systems and even construct malware in groups. This approach is causing a world of grievances for organizations, but how exactly are they managing to do it?

1. Phishing
All things considered, this particular tactic isn't equivalent to a secret agent sneaking into a highly-secured data center. Instead, phishing is more akin to the kind of duplicity employed by Jordan Belfort in "The Wolf of Wall Street." Phishing emails are incredibly well-crafted nowadays, and are true testaments to some hackers' use of human communication.

Presidio spoke with Cisco Cyber Security Business Development Manager for the Public Sector Peter Romness, who maintained that phishing is an incredibly common technique. Once a victim clicks a malicious link, he or she then opens corporate networks up to a wide variety of infiltration methods.

2. Installing backdoors
Dark Reading contributor Alon Nafta noted that more advanced breach methods involve the implementation of a back door. For instance, this can be done by stealing administrative rights to a Linux OS running on a corporate server and then using rootkits that have loadable kernel modules to adjust the code so that a backdoor exists.

There are many ways in which backdoors can be installed, but they're usually small in nature. The grander, more dangerous operations are conducted after further manipulation of a system has occurred through a backdoor.

3. Wrapping
This particular strategy is one that enhances malware evasion, and is employed post-infection. Nafta asserted that wrapping occurs when a virus attaches itself to a legitimate file. For instance, a compromised Adobe Reader upgrade could contain a malicious payload, but the latter is typically installed before the authorized file is. IceFog is one type of malware that is usually wrapped with a valid-looking CleanMyMac download, and is employed to target those using OS X.

4. Obfuscation
Another evasive function, this involves changing high level or binary code in a manner that does not impact a program's operability, but fundamentally changes its binary signature. Malware coders employ obfuscation in order to bypass antivirus detection programs and blind manual security assessments. Nafta acknowledged that using XOR encoding can help cybercriminals employ obfuscation.
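
From the defender's side, the single-byte XOR encoding mentioned above is cheap to see through. The following added example (not from the original post or from Dark Reading) shows that XOR-encoding a buffer changes its hash and hides a known marker string from a plain search, and that trying all 256 keys recovers the marker's location. The sample buffer is constructed and inert; the marker is the text found in the DOS stub of Windows executables.

```python
import hashlib

# Constructed, inert sample: filler bytes around the DOS-stub text that
# scanners commonly look for when hunting embedded executables.
MARKER = b"This program cannot be run in DOS mode"
PLAIN_SAMPLE = b"\x00" * 16 + b"MZ" + b"\x90" * 8 + MARKER + b"\x00" * 16


def xor_bytes(data, key):
    """XOR every byte of data with a single-byte key."""
    return bytes(b ^ key for b in data)


# The same content as it would look after single-byte XOR encoding (key 0x5A).
ENCODED_SAMPLE = xor_bytes(PLAIN_SAMPLE, 0x5A)


def signature_check(original, transformed, needle):
    """Show what a hash match and a plain string search see after encoding."""
    return {
        "same_sha256": (hashlib.sha256(original).digest()
                        == hashlib.sha256(transformed).digest()),
        "needle_visible": needle in transformed,
    }


def find_xor_encoded(data, needle):
    """Return (key, offset) for each single-byte XOR key under which needle
    appears in data. Key 0 means the needle is present unencoded."""
    hits = []
    for key in range(256):
        # Encode the short needle rather than decoding the whole buffer
        # 256 times; the comparison is equivalent and much cheaper.
        encoded = xor_bytes(needle, key)
        start = data.find(encoded)
        while start != -1:
            hits.append((key, start))
            start = data.find(encoded, start + 1)
    return hits


if __name__ == "__main__":
    print(signature_check(PLAIN_SAMPLE, ENCODED_SAMPLE, MARKER))
    for key, offset in find_xor_encoded(ENCODED_SAMPLE, MARKER):
        print(f"marker found at offset {offset} under XOR key 0x{key:02X}")
```

This covers single-byte keys only; multi-byte or rolling keys need a different approach, and a hit still has to be triaged like any other string match.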


Will Oracle Linux experts need a rundown of Docker?

Mon, 2015-02-09 01:58

Container technology solution Docker was the talk of the industry last year, as the open source project partnered with IBM, Microsoft and a list of other tech companies in order to reduce server energy usage and drastically simplify software development.

Now, Oracle is hopping on the Docker bandwagon, making its Oracle Linux distribution available in a Docker container on the Docker Hub, according to InformationWeek's Charles Babcock. The goal is to make Oracle Linux more appealing to developers looking to transport apps across different environments. 

Ready for download 
This isn't the first Linux distro to be offered through Docker Hub. Babcock noted that Canonical's Ubuntu had integrated Docker support before Oracle (although Ubuntu is an operating system designed for desktops). In addition, server-based Linux OS distros SUSE, CentOS and Red Hat Enterprise Linux are now available via Docker Hub. 

This poses an interesting question as to how Oracle Linux support groups will integrate Docker's technology into client infrastructures. Think of the impact this development will have on Web-based businesses. Data Center Knowledge noted that more than 33 percent of the globe's websites operate on servers running Linux. Therefore, websites running on Oracle Linux may grow leaner, enabling developers to further test the limits of how many features and back-end functions they can add to websites.

Not the only Oracle product 
Oracle isn't necessarily late to the game as far as Docker integration is concerned. Oracle also owns open source database MySQL, which can be downloaded from Docker Hub. Oracle Senior Vice President of Linux and Virtualization Engineering Wim Coekaerts stated how MySQL's Docker compatibility will impact DBAs who use the database engine.

"With Oracle Linux and MySQL images available on the Docker Hub Registry, users will be able to quickly create and publish custom Docker containers that layer applications on top of Oracle Linux and MySQL, which is a great time-saver for both independent software vendors and IT departments," said Coekaerts, as quoted by DCK.

Coekaerts expanded on the issue, asserting that although Docker promises to simplify virtual machines, he doesn't believe the open source project will deliver "complete isolation" to those who download the Dockerized version of Oracle Linux.

As far as MySQL is concerned, he believes a Docker-compatible MySQL engine will enhance DevOps staff by allowing engineers to share the container across different teams. This is a role that will help Oracle experts accommodate companies looking to support hybrid environments. 


Is cybersecurity a low priority for local US governments?

Thu, 2015-02-05 01:08

While United States federal authorities are painstakingly trying to determine how database monitoring services and network surveillance techniques can defend them against cyberattacks, one has to wonder whether state and local governments are giving the issue the attention it deserves.

Local authorities hold the type of data hackers use to commit identity theft, such as driver's license numbers, Social Security information, home addresses and phone numbers. The aim isn't to unmask military or industrial secrets, but to steal constituent data.

Defenses aren't so tight
The Financial Times study noted that more than 66 percent of US government data breaches occurred at the state or local level. Shape Security Senior Threat Researcher Wade Williamson noted such entities are "enticing targets," because they generally lack the resources or talent required to reinforce security measures. In regard to this factor, many fledgling hackers may infiltrate sparsely guarded databases that receive low maintenance in order to bolster their reputations among the hacking community.

"Hackers can expose a bunch of personal information and post it out there to show 'we broke into a site,'" said Williamson, as quoted by the source. "It is going to gain them notoriety."

Who's doing the damage?
FT noted that cybercriminals stole approximately 280,000 Social Security numbers when they infiltrated Utah state government servers in 2012, so it's clear that hackers with financial goals are a part of the problem.

Yet hacktivist groups seem to target local governments the most. After the Michael Brown shooting, notorious hacktivist entity Anonymous posted a video stating that if the Ferguson Police Department or any other judicial authority harassed or harmed the protestors in Ferguson, the entity would take all government and departmental Web-based assets offline and release personal information of police officers to the public.

Whether or not Anonymous was justified in making this threat is beside the point, which is that local authorities are not exempt from experiencing database attacks.

Priorities are elsewhere
Government Technology commented on various State of the State addresses, highlighting points made by governors who want to focus on transportation development and developing stronger curriculums in science, technology, engineering and math. As far as IT is concerned, digital services were mentioned, as well as broadband expansion.

However, cybersecurity wasn't acknowledged in the article whatsoever. The primary focus is directed toward improving constituent access to the Internet. There's nothing wrong with this priority, but ignoring cybersecurity can only lead to greater system vulnerabilities.

For a look at how the federal government is responding to increasing cyberattacks, check out our post discussing President Obama's proposal of a new breach notification law.


Internet browsers at the heart of enterprise hacks, says study

Tue, 2015-02-03 09:47

Which browser are your employees using? Their choices may affect how secure your digital enterprise assets are. 

Microsoft's Internet Explorer is often characterized as being the least secure among Firefox, Chrome and Safari, but is this really the case? What features are indicative of an insecure Web browser? What sort of techniques are hackers using to access databases through Internet browsers? 

The point of infiltration 
According to a study conducted by the Ponemon Institute, and sponsored by Spikes Security, insecure Web browsers caused 55 percent of malware infections over the course of 2014. Both organizations surveyed IT professionals for the report, the majority of whom maintained that their current security tools are incapable of detecting Web-borne malware. 

"The findings of this research reveal that current solutions are not stopping the growth of Web-borne malware," said Ponemon Institute Chairman and Founder Dr. Larry Ponemon, as quoted by Dark Reading. "Almost all IT practitioners in our study agree that their existing security tools are not capable of completely detecting Web-borne malware, and the insecure Web browser is a primary attack vector."

The Ponemon Institute and Spikes Security also made the following discoveries: 

  • 69 percent of survey participants maintained that browser-borne malware is more prevalent than it was a year ago. 
  • Nearly half of organizations reported that Web-based malware bypassed their layered firewall defense systems.
  • 38 percent of respondents maintained sandboxing and content analysis engines still allowed Web-borne malware to infect corporate machines. 

Which is the biggest target? 
Dark Reading acknowledged that the number of flaws discovered in Chrome, Firefox, Internet Explorer, Opera and Safari decreased 19 percent in 2014. Google attributed this success to its bug bounty program. Last year, the tech giant paid $1.5 million to researchers who found more than 500 bugs in its Web browser. 

However, Firefox was the most exploited browser at Pwn2Own 2014, a hacking challenge hosted by Hewlett-Packard, according to eWEEK. The open source Web browser possessed four zero-day flaws, all of which were taken advantage of. Since the March 2014 event, Firefox has patched these vulnerabilities.

Yet it's important to determine which browsers are the most popular among professionals and consumers alike, as this will dictate hackers' priorities. It makes more sense for a cybercriminal to target a heavily used browser than to attack one that is sparingly used. regarded Chrome as the most frequently used solution, so it's likely that hackers are focusing their efforts on this particular browser.


Last year's big four cybersecurity vulnerabilities [VIDEO]

Mon, 2015-02-02 09:04


Hi, welcome to RDX! 2014 was a rough year in regard to cybersecurity. Between April and November of last year, four critical vulnerabilities were unraveled. Here’s a recap.

The Heartbleed bug is a flaw in the OpenSSL cryptographic software library that allows people to steal data protected by the SSL/TLS encryption method.

Shellshock is a collection of security bugs in the Unix Bash shell, which could potentially allow a hacker to issue unsanctioned commands through a Linux distribution.

Winshock enables those exploiting the flaw to possibly issue denial-of-service attacks and carry out unauthenticated remote code execution.

Lastly, Kerberos Checksum could allow Active Directory to regard incorrect passwords as legitimate, exposing corporate networks.

As the former three vulnerabilities are applicable to both Windows and Linux server operating systems, consulting with personnel capable of assessing and patching these bugs is critical.

Thanks for watching! Visit us next time for news regarding operating system vulnerabilities.
