Cloud-based Security, Privacy, Compliance and Identity, Secure Data Centers, Securing the Cloud, Threats from the Cloud, Virtualization
Sep 21st, 2010 |
Divide and Reduce Risk: Segregation of Duties in the Cloud
Author: Todd Thiemann
Plenty of regulatory regimes mandate that enterprises have a segregation of duties or separation of duties (we will use the terms interchangably in this post) as a required internal control mechanism. Separation of duties divides the responsibility of a critical task among different people and provides “checks and balances” against fraud or error.
ISACA has a nice journal article about Segregation of Duties here and Nick Szabo writes about the concept here. Internal controls and Separation of Duties apply...
Cloud-based Security, Securing the Cloud, Threats from the Cloud, Uncategorized
Sep 16th, 2010 |
Enterprises using Adobe in an Infrastructure as a Service (IaaS) cloud environment may find a new Adobe Flash Player vulnerability to be of interest. Trend Micro’s antivirus and Trend Micro Deep Security offerings can both protect for this latest vulnerability and counter exploits of the vulnerability. If you have a IaaS cloud server with a Deep Security agent using updated rules (specifically rule–1004403 (Adobe Flash Player Remote Code Execution), you are covered.
The above is an update to what we posted yesterday (September 15, 2010) regarding this critical vulnerability in Adobe’s...
Cloud-based Security, Secure Data Centers, Securing the Cloud, Threats from the Cloud
Sep 15th, 2010 |
Adobe has issued a security advisory APSA 10-03 describing a new critical vulnerability in its products. This time, the primary target is Flash Player with multiple platforms—Windows, Mac, Linux, Solaris, and Android—all affected and is currently being exploited in the wild. Current versions of Acrobat and Reader—the target of last week’s vulnerability—are also affected by the said exploit although Adobe states that in-the-wild attacks against these have not yet been seen.
Trend Micro detects malicious ShockWave Flash (.SWF) files exploiting this vulnerability as TROJ_SWIF.HEL. This functions...
Cloud-based Security, Secure Data Centers, Securing the Cloud, Threats from the Cloud, Virtualization
Sep 8th, 2010 |
In this 30-second video, Todd Thiemann, Sr. Director, Data Protection Marketing, talks about all the buzz around the Trend Micro SecureCloud public beta at the VMWorld Conference in San Francisco, Aug. 31-Sept. 2, 2010. Click “Read More” button for the link to the short video.
click to view Trend Micro SecureCloud public beta :30 video