A keystroke logger on a PC can capture mainframe passwords. Highly fragmented RACF authority on the mainframe limits exposure.
On Sun, Apr 24, 2022 at 3:20 PM Joe Monk <[email protected]> wrote: > > "Given that a healthy percentage of successful attacks involves insiders, > there > is no way that z/OS is immune to breaches." > > Umm, you may want to rethink that statement... > > "Phishing and related attacks — such as smishing (phishing lures sent over > SMS messages) and business email compromise (phishing messages sent by > someone pretending to be a colleague or a supervisor) — was the most common > primary cause of data breaches in 2021. Ransomware was not too far behind, > and malware was the third most common cause of data breaches.At the current > growth rate, ransomware attacks will pass phishing as the No. 1 root cause > of data compromises in 2022, ITRC predicts." > > https://www.darkreading.com/edge-threat-monitor/most-common-cause-of-data-breach-in-2021-phishing-smishing-bec > > Last I checked, Outlook doesnt run on z/OS... > > Joe > > On Sun, Apr 24, 2022 at 8:11 AM Seymour J Metz <[email protected]> wrote: > > > Given that a healthy percentage of successful attacks involves insiders, > > there is no way that z/OS is immune to breaches. The best that can be said > > is that, properly administered, it is more secure than some other platforms. > > > > > > -- > > Shmuel (Seymour J.) Metz > > http://mason.gmu.edu/~smetz3 > > > > ________________________________________ > > From: IBM Mainframe Discussion List [[email protected]] on behalf > > of Bob Bridges [[email protected]] > > Sent: Friday, April 22, 2022 7:53 PM > > To: [email protected] > > Subject: Re: IBM (IBM Z) , Lenovo, HPE and Huawei Servers Rank as Most > > Secure Platforms in ITIC Survey | TechChannel > > > > Don't get me wrong: I do believe that IBM mainframes belong at the top of > > the list for security capabilities. But it occurs to me that if they > > determined this by poll, then their results may be skewed by a) the belief, > > on the part of mainframers like me, that IBM is best, and b) a reluctance > > on the part of some corporations to report breaches even in polls that > > claim they're anonymous. > > > > That said, I'm a little surprised that IBM had "fastest mean time to > > detection (MTTD) from the onset of the attempted attack until the company > > isolated and shut it down". I know real-time reporting products are out > > there for mainframes, but I had the impression they're not used much. > > > > It's also interesting, given the size of the companies that use > > mainframes, that they also report "The least amount of monetary losses due > > to a successful security hack". Although see item b) above again. > > > > --- > > Bob Bridges, [email protected], cell 336 382-7313 > > > > /* Believe me! The secret of reaping the greatest fruitfulness and the > > greatest enjoyment from life is to live dangerously! -Friedrich Nietzsche > > */ > > > > -----Original Message----- > > From: IBM Mainframe Discussion List <[email protected]> On Behalf > > Of Mark Regan > > Sent: Friday, April 22, 2022 16:40 > > > > > > https://secure-web.cisco.com/1JxdfsqHGjnUuRPmN2YNUOcWs_oODuUS43Hv9Kt5RRL9WJqsH4-fcqaxAXUsKZBF9zoWi22K6jgKVsMSVPfKlDoW0UfoK79vCd9b50dV2JBh9vI68wnxNs7IlnkymdAD8cyIP56U6bVR040KuFDUTTuIm5pJ-Df--mvQFXgIdElA0-JyZ-oaTwuV5H6T-3i1K_F5DTaJAl-B3_JifnuvpwG4jUx7XVsR5-xort_nGKKaysCiPyiHN5-RFCI82FqYnnvedHtDh3gukxo4ItD6HjpJa03Rb3BLbhb4TcscdsNUrTw7SkN15BCeem2_sCAEqp2x9meCeTgwhIUlAe2hust6LZz92uDc81LbxklmQbXf-yTlzFKn0LgmFtjRFDmvIXdZoAO5ywdpP84gAyTxS6JzKVRslOJU3wNPS_MzwRUNAqb_qR-fApdtTNIjp76XHmE6YTBvTCfHZWq09QjxB-w/https%3A%2F%2Ftechchannel.com%2FEnterprise%2F04%2F2022%2Fsecure-platforms-itic-survey > > > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to [email protected] with the message: INFO IBM-MAIN > > > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to [email protected] with the message: INFO IBM-MAIN > > > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN -- Mike A Schwab, Springfield IL USA Where do Forest Rangers go to get away from it all? ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
