Should have been posted yesterday | Let’s Read the Geek Mail

November 20, 2009 · Posted in Geek Mail 

I’ve been playing some catch-up all morning. Yesterday had a hectic day working on a couple of client requirements. Spent most of the morning today trying to figure out how to install a CAPTCHA feature in one of my sites. If I don’t get sidetracked or I don’t forget, I’ll talk about this very important feature especially if you have a site that allows for registration and other stuff.

Yesterday, I wanted to introduce another section of the site that I plan to do every Thursday, I call it “Geek Mail”. I subscribe to a whole bunch of mailing lists that has something to do with Technology, Security and a whole bunch of other stuff that is essentially the overall theme of this blog. Sometimes I get to read some of them, but most of the time they languish in my mailbox as “clutter”.

So I figured, I post some of them here (at least the intro and the link to the actual article, don’t wanna get dinged on some weird copyright infringement thingamajig)… I see this as having three benefits: (1) it’ll force me to read more, since I’ll try not to post anything that don’t make any sense to me;  (2) hopefully some of you will get some valuable nuggets out of these articles; (3) If the links don’t get outdated, it’ll help create my own personal knowledgebase just in case I am researching something, which you can use as well.

A quick disclaimer: Some of the links will require you to subscribe to their newsletter or whatever else they are offering. Please read and use your common sense. I have nothing to do with these people, I am much of a browser of their sites as you are and I am not getting paid on any of this stuff (If ever I am paid for anything I write – you will know). It is for your information and if you find value on the info, it is your job and your responsibility to take the necessary steps to get and properly use the info.

So without further ado, Let’s Read Geek Mail:

IBM Smart Business — Rewriting the Rules of IT for Small and Medium-Sized Businesses
From the PC to the Internet to every piece of hardware and software in between, technology innovation has been a key factor in helping small and medium-sized businesses in their struggle to provide better customer service, improve efficiencies, respond to competitive threats, efficiently grow their business, and increase the bottom line. IBM® can help. Introducing IBM Smart Business, a new three-in-one solution that makes it easier than ever to find, run, and manage your business applications. Search for applications across multiple suppliers using the Smart Market, run those applications on the Smart Cube, and then manage them with the Smart Desk — all with one single point of contact for troubleshooting support. Read this white paper to learn more.  CLICK TO DOWNLOAD THE WHITEPAPER

Improving Process Flexibility: How to Respond Quickly to Changing Market Demands by Streamlining Processes
Sponsored By:    Oracle Corporation
Midsized organizations are under increased pressure to not only freeze expenditures but to also produce more return than ever from existing assets. Read this whitepaper and learn strategies to improve process flexibility and transparency through centralizing data management. Discover how your firm can:

  • Achieve elevated ROI
  • Adapt more easily to changing requirements
  • Identify problems easier and resolve them more quickly

Achieve ROI on a tight budget. Learn more.

Don Intermission: I thought I will be able to go through a whole bunch of e-mails, but this next set came from one e-mail and I think it should be enough geekiness for the week. I think it is pretty timely, too since it deals with Windows 7 Security… Windows? Security? For some reason everytime these two words are put together the next phrase that comes to mind is “about as many blonde jokes”… ;-)

Take a look at Windows 7 application control and remote access
by Michael S. Mimoso, Editor – mmimoso@…

Have you started looking at the built-in security features in Windows 7? Some of our best security experts and contributors sure have, and they’ve been pretty eager to share their early insights with SearchMidmarketSecurity.com readers. In case you’ve missed it, here are some links to the technical content our experts have been filing:

How to use Microsoft Windows 7 AppLocker for whitelisting applications
Windows 7 AppLocker is Microsoft’s latest tool to help organizations block the execution of unwanted applications on endpoints.
http://go.techtarget.com/r/9950432/6358329

How to automate and apply Microsoft Windows 7 AppLocker rules
Microsoft Windows 7 AppLocker enables administrators to automate rules generation, but proceed slowly to get a feel for its whitelisting capabilities.
http://go.techtarget.com/r/9950433/6358329

Understand the pros and cons of Microsoft Windows 7 DirectAccess
The upcoming Windows 7 features Microsoft Windows 7 DirectAccess, a built-in secure remote access capability.
http://go.techtarget.com/r/9950434/6358329

Tradeoffs and advantages of network access control with Microsoft NAP
Microsoft NAP’s endpoint security policy compliance checks and integration with third-party security products make it an attractive option over traditional network access control solutions.
http://go.techtarget.com/r/9950435/6358329

MORE ON SEARCHMIDMARKETSECURITY.COM:

Get more out of your security event log data
Your network has plenty to say about your organization’s threat posture. These three tips will help you get the most out of security log management tools.
http://go.techtarget.com/r/9950436/6358329

How to choose hosted Web security services
Hosted Web security services that analyze Web traffic for malware are an attractive alternative to on-premise Web security gateways.
http://go.techtarget.com/r/9950437/6358329

Bookmark and Share

Thought you should know, etc... Update

When Reality Hits - Project Managers Roll With It

When Reality Hits - Project Managers Roll With It By Project Manage This One of the top challenges new PM types face is facing, and then dealing, with reality. That point in the project when things just aren’t going as planned… At the beginning of the project your Gantt view is a work of art – each dependency [...

The question: Is the Mainframe still the "right answer" for your business?

(Posted February 11, 2012) The short answer is  A B S O L U T E L Y  . . . In fact, why would risk your corporate future on anything else!!!! When the question “Why is System z essential to your business?” is presented, Terrie Jacopi, Program Director, DB2 for z/OS...

Exit...Stage Left

I’ve changed houses.  Instead of Suzhou, Jiangsu, China, I’mon the Southern Outer Banks of North Carolina.  Instead of skyscrapers, cranes and car horns honking, it’slittle buildings, quaint shops and a Jimmy Buffet-like atmosphere… 

“Welcome back Sanity…you werea missed chum...

Project Management Lite: Estimating–Preparing non-human Resource Cost Estimates

1. Objective •    To produce estimates of the non-human resource costs of the project (computer hardware, communications hardware, systems software, package software, etc.). 2. Responsibilities •    The Project M...

What Email Faux Pas Do You Commit?

Email—it’s a part of our everyday lives as business people.  Do you send emails that your co-workers take seriously?  Do you find some incoming emails off putting?  This humorous video by -->

Tags: , , , , , , ,

Comments

Leave a Reply




  • Your Shopping Cart

    Your cart is empty

  • Calendar

    November 2009
    M T W T F S S
    « Oct   Dec »
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    3031  

  • RSS From the National Vulnerability Database

    • CVE-2011-3958 (chrome) February 7, 2012
      Google Chrome before 17.0.963.46 does not properly perform casts of variables during handling of a column span, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. […]
      nvd@nist.gov
    • CVE-2012-1033 (bind) February 7, 2012
      The resolver in ISC BIND 9 through 9.8.1-P1 does not properly implement a cache update policy, which allows remote attackers to trigger continued resolvability of domain names that are no longer registered via an unspecified "Ghost Names exploit." […]
      nvd@nist.gov
    • CVE-2011-3971 (chrome) February 7, 2012
      Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events. […]
      nvd@nist.gov
    • CVE-2011-3954 (chrome) February 7, 2012
      Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (application crash) via vectors that trigger a large amount of database usage. […]
      nvd@nist.gov
    • CVE-2011-3970 (chrome, libxslt) February 7, 2012
      libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. […]
      nvd@nist.gov
    • CVE-2012-0926 (realplayer, realplayer_sp) February 7, 2012
      The RV10 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle height and width values, which allows remote attackers to execute arbitrary code via a crafted RV10 RealVideo video stream. […]
      nvd@nist.gov
    • CVE-2011-3969 (chrome) February 7, 2012
      Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout of SVG documents. […]
      nvd@nist.gov
    • CVE-2011-3956 (chrome) February 7, 2012
      The extension implementation in Google Chrome before 17.0.963.46 does not properly handle sandboxed origins, which might allow remote attackers to bypass the Same Origin Policy via a crafted extension. […]
      nvd@nist.gov
    • CVE-2011-3968 (chrome) February 7, 2012
      Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving Cascading Style Sheets (CSS) token sequences. […]
      nvd@nist.gov
    • CVE-2012-1035 (ada_web_services) February 7, 2012
      AdaCore Ada Web Services (AWS) before 2.10.2 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. […]
      nvd@nist.gov
Get Adobe Flash playerPlugin by wpburn.com wordpress themes