InfoSec Tools, Tips and Thoughts

William McBorrough

Subscribe to William McBorrough: eMailAlertsEmail Alerts
Get William McBorrough: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by William McBorrough

As more vendors dive into the cloud computing market, every possible claim regarding the supposed benefits of moving to a cloud-based service is being made.  I ran across an article titled ” Why Cloud-based Monitoring is more reliable and secure than Nagios. ” The author, who represented a cloud-based network monitoring company, contended that the Software-as-a-Service (SaaS) model offered by his company was better for companies than Nagios and other open source products. The question is not  Cloud Computing vs. Open Source.  In fact, there are open source SaaS providers like MindTouch out there.  If considering a product like Nagios, a better comparison would be open source vs. commercial.  In many cases, cost is the determining factor for companies to look  to open source technologies. Other considerations include flexibility and security. The more relevant  com... (more)

The Values Proposition for Allowing Users Access to Social Networks

What is the values proposition for allowing employees access to web 2.0 resources such as social networks? Every other day, we hear about the risks. Compromised Twitter accounts, phishing via LinkedIN,  malicious Facebook apps were only a sample of an every growing landscape. Most enterprises, appreciating the threats these pose to an environment, simply deny access to social networks from company systems and networks. Even within such organizations, there are user who need to access social networks to perform their job functions. LinkedIn has become a great tool for recruiting... (more)

Cyber Security Alliance Helps Small Businesses Address Security Risks

Across all industries, small businesses are increasingly facing new threats related to cyber security. Whereas some have taken minimum steps to address these threats but most have not. New security threats and incidents are reported every day in news reports and a many remain unreported. This underscores the need for cyber security education of small business owners and managers. These threats have potentially serious consequences and could lead to unrecoverable damage to small businesses. What are some consequences of the lack of basic cyber security controls? Loss or stolen cus... (more)

Google Street View Wi-Fi Snooping: Commentary

On Saturday, April 28, the FCC released the full un-redacted report on Google’s Street View project. The report is only 25 pages long and can be found at the bottom of this post.  I find the following tidbits particularly interesting: " …Engineer Doe developed Wi-Fi data collection software code that, in addition to collecting Wi-Fi network data for Google’s location-based services, would collect payload  that Engineer Doe thought might be useful for other Google services. …Google made clear for the first time that Engineer Doe’s software was written specifically to capture payl... (more)

Many Companies Caught in Lurch as Microsoft Ends Support for Windows XP 2

On July 13, Microsoft will officially retire Windows XP Service Pack 2. Although it will continue to provide security updates for XP Service Pack 3, it will stop providing patches for the older SP2. Microsoft offers support for its products for five years and extended support for another five years. For XP SP2, that journey comes to an end on July 13. Windows XP 3 will be supported until April 2014. Microsoft issues security updates and other core operating system patches every second Tuesday of the month, known as Patch Tuesday. Whereas most home users typically install these p... (more)