Sean Berry – BMC Blogs BMC Software Mon, 25 Mar 2019 11:06:27 +0000 en-US hourly 1 Sean Berry – BMC Blogs 32 32 Spectre and Meltdown Vulnerabilities: Avoid the War Room Wed, 10 Jan 2018 00:00:57 +0000 Researchers have discovered a new way that hackers can potentially exploit systems to expose passwords, keys, and other sensitive data – and this time it involves the physical hardware. (Source: NYTimes) These new vulnerabilities, called Spectre and Meltdown, were discovered in Intel processors, and more specifically the way that the processors anticipate requests and cache […]]]> How to Make WannaCry a Non-event: Ransomware’s Got Nothing on Us Thu, 08 Jun 2017 02:48:27 +0000 The WannaCry vulnerability that impacted more than 150 countries and took down computer systems in UK hospitals, stopped train service in Germany, and disrupted institutions in Asia and other areas, is a dramatic example of what could have been prevented by a patch that was originally released about 60 days ago. In fact, most breaches […]]]> How SecOps Response Service Addresses WannaCry Ransomware Wed, 17 May 2017 08:55:45 +0000 So, CVE-2017-0144, a vulnerability that was identified about two months ago (published Mar 16 2017), is now being widely exploited in the wild, most visibly impacting hospitals in the UK’s National Health Service to the point that they’ve had to redirect incoming patients to other facilities. This vulnerability is addressed by Microsoft Bulletin MS17-010, […]]]> Simple Ways to secure your IT environment: MongoDB, default passwords, and general security Wed, 01 Feb 2017 01:47:50 +0000 Remote shell attacks against password-less systems date back to before the modern Internet era, and allowing root (administrative) users to connect directly using SSH (PermitRootLogon) still catches my attention.  We went through similar security challenges with MySQL, which in some default configurations also didn’t require a password for local connections.  Many Oracle database setup examples include common passwords, but […]]]>