Tag: IBM

  • VDB Relationships (Hugs and Bugs!)

    [This was originally published on the OSVDB blog.] Like any circle in any industry, having good professional relationships can be valuable to involved parties. In the world of security, more specifically Vulnerability Databases (VDBs), the relationships we maintain benefit the community behind the scenes. Like ogres and onions, there are layers. Someone from CVE and […]

  • Dr. Jekyll and Mr. Hide (Sun & Disclosure)

    [This was originally published on the OSVDB blog.] Today just happened to be the right day where I saw the Jekyll and “Hide” of Sun though. A few days ago, |)ruid posted about a Solaris ypupdated vulnerability in which he says it corresponds to CVE-1999-0208 / OSVDB 11517. Given the original vulnerability was published in […]

  • The Purpose of Tracking Numbers.. (IBM)

    [This was originally published on the OSVDB blog.] First it was HP, then it was Sun. Not to be outdone, IBM steps up and gives VDBs a headache. APAR IZ00988 is “sysrouted” to APAR IZ01121 and APAR IZ01122. Really IBM, the amount of information common to all three pages is overwhelming. Do you really need […]

  • 2007 Top Vulnerable Vendors?

    [This was originally published on the OSVDB blog.] http://www.eweek.com/article2/0,1895,2184206,00.asphttp://www.eweek.com/c/a/Security/Report-MS-Apple-Oracle-Are-Top-Vulnerable-Vendors/ New IBM research shows that five vendors are responsible for 12.6 percent of all disclosed vulnerabilities. Not surprising: In the first half of 2007, Microsoft was the top vendor when it came to publicly disclosed vulnerabilities. Likely surprising to some: Apple got second place. IBM Internet […]

  • Why I’m So Behind

    [This was originally published on the OSVDB blog.] Another night of working on OSVDB, mainly focusing on vulnerability import and creating our entries to cover issues. Most nights end with between 25 and 50 new entries and a feeling of accomplishment. Well, other manglers can see the accomplishment if they check the back end, and […]

  • Should you spy on your employees?

    [This was originally published on IBM Developer Works.] Should you spy on your employees?Why, when, and how to electronically monitor your staff Brian MartinDSIC Security GroupFebruary 2001 If you run a warehouse, you can spot pilfering by the number of empty boxes, or perhaps by noticing that employees are walking out with TV sets on […]

  • Securing your network; Your startup’s survival depends on it

    [This was originally published on IBM Developer Works and is mirrored on attrition.org.] Collecting customer demographics is good, and collecting payments online is good. But it isn’t good if this information is stolen from your company’s computers. Brian Martin examines how — and how often — this really happens, and what you can do to […]