Optimal Security : the Lumension Blog

March 2010 Patch Tuesday Security Briefing

Paul Henry, Forensics and Security Analyst, provides his insights in this March 2010 Patch Tuesday Security Briefing.

March Patch Tuesday Overshadowed by New IE Zero-Day Vulnerability

Today’s Patch Tuesday release is being overshadowed by a new zero-day vulnerability in Internet Explorer that can allow remote code execution. The exploit is reportedly being used in targeted attacks in the wild. Microsoft reported it in an advisory today, the same day it released the monthly patches for March 2010.
From [...]

Operationalizing Endpoint Security: How IT is Adopting to the Changing Threat Landscape

I recently sat down with Anthony Sica, Executive Director of Information Technology at Shiseido America, to get his perspectives on the changing threat landscape and the evolving role of those in charge of Information Technology. For the past six years, Tony has been in charge of infrastructure, end user computing, data centers, and compliance for [...]

HITECH Breach Data: the Good, the Bad, and the Ugly

As I’ve discussed before, one of the requirements of the HITECH Act is for the Secretary of the Department of Health & Human Services (HHS) to publish a list of all breaches of healthcare data covered by the HIPAA security rule on a yearly basis. The first such publication has been made, covering the period [...]

Advanced Persistent Threat: Marketing Hype or Real Menace?

In light of all of the widely varying commentary on the Advanced Persistent Threat (APT) issue I have been reading about on the Internet, I wanted to weigh in with my opinion on the issue.
APT - the New Menace?
For the past 20 years, we have at best only reacted to the changing Internet threats [...]

How to Deal with Microsoft BSOD: TDSS Malware

So, a couple of weeks ago we were all very concerned about the MS10-015 patch included in the February security update from Microsoft which seemed to cause the dreaded Blue Screen of Death (BSOD) on some machines. As we “went to press” with our blog post, the news was just breaking that the underlying cause [...]

Kneber BotNet / Zeus Trojan Strikes!

Makes Us Wonder if Web 2.0 / Social Apps are a Boon or a Bane.

7 Things You Need to Know About HITECH

Today, Wednesday, February 17, 2010, marks one year since the HITECH Act of 2009 passed. This means that most of the Act’s provisions are now enforceable – particularly, the breach notification and penalties aspect of the Act. While most healthcare organizations are concerned about the “meaningful use” requirement, for us in the IT security space [...]

17-Year-Old Vulnerability Fights to Stay Alive!

So, another Patch Tuesday has passed – and it was a big one. But the news late Thursday 02/11 was a bit less nice: it seems that one of the patches included causes that dreaded BSOD on certain Windows XP boxes.
Microsoft is aware of the problem, which involves the MS10-015 bulletin (aka the 17-year-old Windows [...]

February 2010 Patch Tuesday Security Briefing

Paul Henry, Forensics and Security Analyst, provides his insights in this February 2010 Patch Tuesday Security Briefing.