Sean Berry – BMC Blogs http://www.bmc.com/blogs BMC Software Fri, 19 Jan 2018 10:03:59 +0000 en-US hourly 1 http://blogs.bmc.com/wp-content/uploads/2016/04/bmc_favicon-300x300-150x150.png Sean Berry – BMC Blogs http://www.bmc.com/blogs 32 32 Spectre and Meltdown Vulnerabilities: Avoid the War Room http://www.bmc.com/blogs/spectre-and-meltdown-vulnerabilities-avoid-the-war-room-pizza/ Wed, 10 Jan 2018 00:00:57 +0000 http://www.bmc.com/blogs/?p=11719 Researchers have discovered a new way that hackers can potentially exploit systems to expose passwords, keys, and other sensitive data – and this time it involves the physical hardware. (Source: NYTimes) These new vulnerabilities, called Spectre and Meltdown, were discovered in Intel processors, and more specifically the way that the processors anticipate requests and cache […]]]> How to Make WannaCry a Non-event: Ransomware’s Got Nothing on Us http://www.bmc.com/blogs/make-wannacry-non-event-ransomwares-got-nothing-us/ Thu, 08 Jun 2017 02:48:27 +0000 http://www.bmc.com/blogs/?p=10669 The WannaCry vulnerability that impacted more than 150 countries and took down computer systems in UK hospitals, stopped train service in Germany, and disrupted institutions in Asia and other areas, is a dramatic example of what could have been prevented by a patch that was originally released about 60 days ago. In fact, most breaches […]]]> How SecOps Response Service Addresses WannaCry Ransomware http://www.bmc.com/blogs/secops-reponse-service-addresses-wannacry-ransomware/ Wed, 17 May 2017 08:55:45 +0000 http://www.bmc.com/blogs/?p=10533 So, CVE-2017-0144 https://nvd.nist.gov/vuln/detail/CVE-2017-0144, a vulnerability that was identified about two months ago (published Mar 16 2017), is now being widely exploited in the wild, most visibly impacting hospitals in the UK’s National Health Service to the point that they’ve had to redirect incoming patients to other facilities. This vulnerability is addressed by Microsoft Bulletin MS17-010, […]]]> Simple Ways to secure your IT environment: MongoDB, default passwords, and general security http://www.bmc.com/blogs/simple-ways-secure-environment-mongodb-default-passwords-general-security/ Wed, 01 Feb 2017 01:47:50 +0000 http://www.bmc.com/blogs/?p=10127 Remote shell attacks against password-less systems date back to before the modern Internet era, and allowing root (administrative) users to connect directly using SSH (PermitRootLogon) still catches my attention.  We went through similar security challenges with MySQL, which in some default configurations also didn’t require a password for local connections.  Many Oracle database setup examples include common passwords, but […]]]>