People who’ve moved onward and upward within the company, bridging multiple departments are great attack targets because they probably have more permissions than someone who’s stayed in a single role.
In non-security speak, let’s talk about someone who moves from Accounting to HR. The right way to handle it is to grant access to all of the HR data and systems, and cut off all of the person’s access to accounting data and systems.
In practice, that rarely happens. In previous roles, I’ve often ended up with access to more than one group of systems after being moved around, so I’ve not only seen it, I’ve experienced it firsthand.
The bad guys know this. So they’re going to scour Linkedin for people who have multiple entries on their profiles for the same company, knowing they probably still have both feet in both worlds. People like that are going to get more phishing e-mails than average, because then they’ll have access to twice as much stuff. That means if an attacker manages to get onto their system, they’ll have access to twice as much stuff.
This gets overlooked a lot, but HR and security need to have a very good working relationship to keep these kinds of situations from happening. Employees who stay with an organization and move onward and upward within it are very rare these days, and those employees deserve every bit of the extra protection they need.
Career advisers say to make sure you show all of your upward movement within the same company on your resume and on your Linkedin profile. I know not everyone does this, but jobs are difficult enough to get that we have to assume people are looking for that edge. As security professionals, our job is to understand this reality and make sure it doesn’t mean extra exposure.
Growing up in Missouri, a lot of my Christmas gifts when I was young came from a catalog showroom called Dolgin’s. One of my earliest memories is going to Dolgin’s with my mom and aunt, who showed me some Tonka trucks and asked me which ones I liked best.
I know a lot of people remember going through Sears and Montgomery Ward catalogs, but I remember Dolgin’s catalogs the best. Read more
From time to time, Windows patches will fail to install because a server doesn’t have enough space to install them. Finding the ginormous files are that are hogging all the space on the C drive is really tedious if you do it by clicking around in Windows Explorer, but there’s a better way.
Download the free Sysinternals Du.exe utility and you can find the behemoths in minutes, if not seconds. Read more
It’s frustrating when Firefox won’t let you cancel a download. It took me a while to find a solution, but I found one.
Here’s some background. I started downloading this monster file the other day, not realizing I didn’t have enough disk space to store the blasted thing. So I went to cancel it. The problem was, it wouldn’t completely cancel. It would keep trying to download until it filled up my disk, at which point other terrible things would happen. I couldn’t cancel the download, I couldn’t pause it, and I couldn’t delete it.
The solution, as it turns out, is to close Firefox. Next, go into your profile. To find it quickly in Windows, you can hit the Windows key + R, type %appdata% and hit OK, then navigate to Mozilla, then Firefox, then profiles. My profile was in a directory named wtkz7xzy.default. Yours will be similar. On a Mac or Linux box, your profile is probably in your home directory.
One you’re looking at your profile, locate the file called downloads.sqlite, and delete it. When you launch Firefox again, the list of downloads will be blank, and the download that wouldn’t go away will be among the casualties. And that will stop the endless loop like I had, or other bad Firefox behavior.
If Firefox has gotten a bit sluggish on you, I have a number of proven tips to speed up Firefox.
Whatever you do, don’t call this post Optimizing Android 2.3 for Games, Graphics and Multimedia. I’ll kick your… nevermind.
But of course the first thing I wanted after I installed Cyanogenmod 7.2–which is based on Android 2.3.7–on my Nook Color was to make it run smoother and faster. What else would I want? So here’s some stuff I did, since adding three CPU cores obviously isn’t an option.
HR departments and recruiters are watching you on Linkedin and other social networks. That’s an opportunity and a warning. Read more
Last year I examined ways to optimize Firefox’s SQLite databases. I’ve since found I like it better when I just put the Firefox profile in a ramdisk, but that may not be an option in all cases.
If you don’t want to go the latter route and would like to avoid the command line jockeying, give Speedyfox a look. And even if you’ve put Firefox in a ramdisk, this program can be useful. You won’t notice any speedup inside a ramdisk, but SQL optimization saves storage space, which is always at a premium inside ramdisks. Read more
I was looking deeper into Firefox optimization, and I found Adventures in Firefox-places.sqlite. It’s a pretty intense analysis that goes beyond the usual simple, in-browser SQL vacuum that I’ve mentioned in the past. It was written with Mac OS X and Linux in mind, which is fine, but if you run Windows, you might want to do the same thing.
It has two benefits. It speeds up Firefox, and it reduces the amount of disk space your Firefox profile occupies. The two things are related; smaller databases are quicker and easier to navigate than large ones. As for why you should care about the amount of disk space it takes up, well, on an SSD every megabyte counts.
This week I’ve had multiple people send me warnings they saw on Facebook about a new privacy threat, which, after I read about it, really appears just to be something that aggregates information already available about you.
Perhaps not coincidentally, PC Magazine has a piece telling you what you need to do if you’re really concerned about privacy and really want to disappear. http://www.pcmag.com/article2/0,2817,2376023,00.asp
“My Outlook send button is gone,” one of my coworkers told me. Microsoft wasn’t much help. The relevant knowledge base articles said the e-mail account not being configured causes that problem. Except it was. He could receive and read mail just fine, he just couldn’t send anything out.
Ultimately we ended up deleting his mail profile to fix the missing send button. Read more