6 reflections on the key role that system administrators play

Information Management Resources

In recognition of July 27 as System Administrator Appreciation Day, six technology executives share their thoughts on why these professionals are so vital to the organization. Hardware and software Data management Data types

Boosting Security Effectiveness with 'Adjuvants'

Dark Reading

How integrating corporate resources like the IT help desk, system administration, quality assurance and HR can breathe new life into your security program

PyRoMine Uses NSA Exploit for Monero Mining and Backdoors

Threatpost

Not just a miner, the malware also sets up a hidden default account with system administrator privileges, to be used for re-infection and further attacks. Malware backdoor EternalRomance follow on attacks Monero pyromine remote desktop ShadowBrokers smb1

Simplify records management while improving information governance

OpenText Information Management

Challenge: Your organization has many users involved in the lifecycle management of important information assets–from knowledge workers to legal associates to system administrators and, yes, Records Managers.

Nick Jovanovic, VP Federal of Thales eSecurity Federal, Speaks to Media about Data Security

Thales Data Security

He suggests that protecting data that is on your system should be the focus. In other words, a system administrator should be able to maintain the system without seeing what is in the files he is backing up or transferring.

A Russian cyber vigilante is patching outdated MikroTik routers exposed online

Security Affairs

Alexey is a Russian-speaking cyber vigilante that decided to fix the MikroTik routers and he claims to be e system administrator. A Russian-speaking hacker, who goes by the name of Alexey, claims to have hacked into over 100,000 MikroTik routers with a specific intent, disinfect them.

Brazil expert discovers Oracle flaw that allows massive DDoS attacks

Security Affairs

In this type of distributed denial of service (DDoS) attack, the malicious traffic generated with the technique is greater than the once associated with the use of memcached, a service that does not require authentication but has been exposed on the internet by inexperienced system administrators.

Crooks continue to abuse exposed Docker APIs for Cryptojacking

Security Affairs

“We recently observed cases of abuse of the systems running misconfigured Docker Engine-Community with Docker application program interface (API) ports exposed. Cybercriminals continue to abuse unprotected Docker APIs to create new containers used for cryptojacking, Trend Micro warns.

Experts discovered a severe command injection flaw in Cisco Webex Meetings Desktop

Security Affairs

An exploit could allow the attacker to run arbitrary commands with SYSTEM user privileges.” ” Cisco advisory reveals that the vulnerability could be exploited remotely by leveraging the operating system remote management tools.

Wireshark fixed three flaws that can crash it via malicious packet trace files

Security Affairs

“To inject malformed packets that the Wireshark application may attempt to parse, the attacker may need access to the trusted, internal network where the targeted system resides. Administrators are advised to allow only trusted users to have network access.

More Cloud Means More Multi-Tenant Environments

Thales Data Security

To ensure a secure multi-tenant environment for consolidation, you need a solution that: adequately isolates security for specific tenants or customers; authorizes access to the data itself without allowing even systems administrators or privileged users to see the data; and.

Cloud 89

Five Eyes Intelligence agencies warn of popular hacking tools

Security Affairs

To aid the work of network defenders and systems administrators, we also provide advice on limiting the effectiveness of these tools and detecting their use on a network.” It poses a threat to several different operating systems, including Windows, Linux, MAC OS X, and Android.” Security agencies belonging to Five Eyes (United States, United Kingdom, Canada, Australia and New Zealand) have released a joint report that details some popular hacking tools.

Tools 87

Three members of FIN7 (Carbanak) gang charged with stealing 15 million credit cards

Security Affairs

Hladyr is suspected to be a system administrator for the group. Three members of the cybercrime group tracked as FIN7 and Carbanak have been indicted and charged with 26 felony counts.

GAO Report shed the lights on the failures behind the Equifax hack

Security Affairs

The reports also refers documents from the Internal Revenue Service (IRS), Social Security Administration (SSA), and U.S. “In July 2017, Equifax system administrators discovered that attackers had gained. A new report from the U.S.

Italy: Privacy law integrating the GDPR adopted, what to do?

DLA Piper Privacy Matters

The scope of the potentially applicable previous orders is quite broad as it goes from the role of the so called system administrator, to stringent security measures provided for specific data processing activities (e.g. The Italian budget law of 2017 had introduced a system of notification/authoritization for data processing activities performed by automated means and based on legitimate interest.

GDPR 43

Georgia Governor Vetoes Broad-Reaching Computer Crime Bill, Highlighting Debate Around Bug Bounty Programs

Data Matters

Specifically, researchers believed that the current version of SB 315 could chill security research—both the purely academic and the “white hats”—ultimately discouraging individuals from identifying vulnerabilities in networks and alerting system administrators of the issues. Organizations have employed bug bounty programs in an effort to encourage researchers to report security flaws in their systems.

Trust, but Verify: Keeping Watch over Privileged Users

Thales Data Security

Privileged users today can include a multitude of people from system administrators, network engineers, and database administrators, to data center operators, upper management, and security personnel.

Cyber Blackmail: More Than Just Ransomware

The Texas Record

The plethora of attacks has sent security professionals and system administrators scrambling to ensure their systems and backups are safe, and executives taking a second look at their cyber security programs.

Weekly podcast: Memcached DDoS attacks, Equifax (once again) and Alexa

IT Governance

An Akamai blog explained that memcached is “meant to cache data and reduce strain on heavier data stores […] and is only intended to be used on systems that are not exposed to the Internet”. According to Akamai, there are “currently more than 50,000 known vulnerable systems exposed”.

Finding the Optimal Alternative to the Google Search Appliance

Perficient Data & Analytics

The Nero Admin Portal provides system administrators and developers with an intuitive interface for configuration, monitoring, and reporting. Google decided to sunset the Google Search Appliance over the next several years, leaving a gap in the enterprise search space for organizations dependent on it for their public website search and secure internal search.

Cloud 40

Building the Relationship Between RM and IT

The Texas Record

Our programmers invite me to meetings involving any new system with a data retention consideration.

How To Build A Cybersecurity Career | What Really Matters

Cyber Info Veritas

Since the general work of a cybersecurity specialist is to ensure that computer systems and networks are secure—essentially meaning cybersecurity experts are in charge of the electronic security of an organization—they must be knowledgeable.

DB2 for z/OS: Monitoring Prefetch Read Activity

Robert's Db2

My analysis of the figures suggested that the system administrators were concerned by numbers that were in fact positive in nature; however, I also saw prefetch items that really were troublesome, and I subsequently learned that these were likely due to a buffer pool configuration change that had been made to improve application performance but ended up working towards the opposite end.

Using PowerShell for SharePoint 2010

JKevinParker

In *nix, I prefer BASH (GNU Bourne-Again SHell) for administration. This is a major reason why *nix admins generally have managed a lot more systems than have Windows admins, requiring companies with Windows servers to hire more admins. This is handy to system administrators, but it is especially useful for someone like me, who is an architect with very little time to get their hands dirty. This shortcut should generally be "run as administrator.".

DB2 for z/OS Buffer Pool Enlargement is NOT Just an Elapsed Time Thing

Robert's Db2

A couple of weeks ago, I got a question from a mainframe DB2 DBA about the impact of DB2 buffer pool enlargement on application and system performance. I/O assist processors are great, and they are one reason that System z has long excelled as a platform for I/O-intensive applications, but general-purpose engines (and zIIP engines, for that matter) still have to shoulder some of the read/write load. That time period could capture a "peak" of system activity (e.g.,

Linux on System z: a Better Place for Your DB2 for z/OS Client-Server Applications

Robert's Db2

In DB2 for z/OS circles, there has been an evolution of attitudes concerning Linux on System z. One of the mainframers on this team had a suggestion: why not add a few IFL engines (more on this to come) to our System z servers and use those to consolidate a lot of our Linux systems (which were running primarily on x86 boxes)? The person who was advocating running Linux on System z made some good points, but the idea didn't get far and was set aside.

DB2 for z/OS Roles: Trust Me on This One (Part 1)

Robert's Db2

The person asking the question had a need to provide DBAs in certain geographies with the privileges needed to get their work done, but in a way that would deny them access to data in user (versus system) tables. In a follow-on Part 2 entry, I'll address the challenge of enabling a DBA or system administrator to do his or her job whilst preventing that person from being able to access data in user tables.

DB2 10 for z/OS: What do You Know About High-Performance DBATs?

Robert's Db2

For DB2 for z/OS to realize its full value-delivery potential in client-server computing environments, it has to provide to DBAs and to systems administrators the same performance management and tuning options that are available for local-to-DB2 applications (such as those that run in CICS regions). DB2 10 for z/OS, which became generally available this past October, is loaded with features and functions that can reduce the CPU cost of applications.