By: - Independent Computer Security Analyst

@gcluley

Gaping hole in Android lets hackers break in with just your phone number!

July 27th, 2015

A researcher has found a serious Android vulnerability that requires no interaction at all by the user to hijack their device. In fact, the vulnerability could allow a hacker to infect your mobile phone, while you’re fast asleep.



By:

Ransomware – Now for Websites

July 27th, 2015

Over the last several weeks I’ve written about ransomware primarily as it relates to individual machines or mobile devices. There is another very sneaky variant of ransomware which you should be aware of. It’s specifically crafted to hold websites hostage. It’s called RansomWeb. It’s methodology is slow and diabolical, and I believe it’s out there […]



By: - Dir. Solutions Marketing

Critical Out-of-Band Patch from Microsoft – Update Now!

July 22nd, 2015

No sooner have you digested the latest Patch Tuesday releases than you’re hit by a relatively rare out-of-band patch from Microsoft. As Russ said in his post, it’s definitely a crazy month! This emergency patch corrects a remote code execution (RCE) vulnerability found in all supported versions of Windows – including the soon-to-be released Windows […]



By:

How Do You Protect Your Systems From Ransomware?

July 21st, 2015

In my previous two posts How Does Ransomware Work? Part 1 and Part 2 I described the process ransomware goes through to get on your systems, encrypt your files, and collect your money. Like any malware, all of the steps in the process need to be successful in order for ransomware to work. In the case of […]



By: - Independent Computer Security Analyst

@gcluley

The Hacking Team Android malware app that waltzed past Google Play’s security checks

July 20th, 2015

With every day that passes, more details of the activities of controversial spyware firm Hacking Team come to light, aided by the release of 400 GB of documents, source code and email archives from the hacked firm.



By: - Dir. Solutions Marketing

R.I.P. Windows Server 2003

July 17th, 2015

As you should know by now, Microsoft ended support for Windows Server 2003 on July 14, 2015. But surveys suggest that many organizations may not be ready: 50% of organizations started 2015 with no migration plan – or were unaware that support was ending. 1/3 of organizations hope to complete their migrations sometime after the […]



By: - Director, Product Management

@russbernst

Adobe Overshadows ‘Last’ Microsoft Patch Tuesday

July 14th, 2015

In the last Patch Tuesday before users may upgrade their Windows operating systems to Windows 10 on July 29 and subsequently enlist a changed patching process, we have 14 updates to deal with from Microsoft that address 59 total vulnerabilities. Equally as important however are the three 0-days in Adobe Flash Player and an impending […]



By:

How Does Ransomware Work? Part 2

July 14th, 2015

In part 1 I outlined how ransomware gets on your system in the first place. We saw that it operates in much the same manner as other malware: It needs a delivery system, a vulnerability to exploit, a payload to install, and a way to establish communications with a command & control (C&C) server. In […]



By: - Independent Computer Security Analyst

@gcluley

Are You Vulnerable to New Java Zero-Day Exploit?

July 13th, 2015

Operation Pawn Storm is up to its dirty tricks again, this time with what is claimed to be the first new Java zero-day vulnerability in two years.



By: - Dir. Solutions Marketing

The Hacking Team Hack – Why You Should Care!

July 10th, 2015

Another day, another breach. Ho Hum. So it seemed when news first broke about the hack of the (in)famous Italian vulnerability research firm Hacking Team. Probably a case of hackers hacking back. No impact on most “regular” cybercitizens, right? Au contraire, mon frère. It seems that there were a few gems in the 400 GB data […]



By: - Independent Computer Security Analyst

@gcluley

Sloppy password-less security left 1.25 million Japanese pension records exposed

July 7th, 2015

Despite have rules and compliance regulations in place, Japan’s pension system has been hit by hackers who made off with over 1.2 million records containing personally identifiable information.

According to reports, staff weren’t obeying the rules – making it far too easy for criminals to access sensitive database records.



By:

How Does Ransomware Work? Part 1

July 6th, 2015

Let’s take a look at how ransomware works. In some stages of the operational cycle ransomware runs much like any other malware which may find its way onto your systems. In other stages ransomware has introduced completely new areas of operating for cybercriminals. The first few stages of the ransomware cycle use the tried-and-true methods cybercriminals […]



By: - Independent Computer Security Analyst

@gcluley

Mystery surrounds “hack” that grounded 1400 air passengers – Updated

June 23rd, 2015

1400 passengers are stranded at Poland’s busiest airport after what the airline describes as an “IT attack”.

But what actually happened in shrouded in mystery.



By:

Ransomware – To Pay or Not To Pay?

June 22nd, 2015

Let me paint a scene for you. You’re sitting at your desk between meetings. You’re working on a PowerPoint for a customer meeting tomorrow, and you’re waiting for an email back from a co-worker. You have another meeting in an hour, which gives you just enough time to hone this presentation. It’s been 15 well-crafted […]



By: - Independent Computer Security Analyst

@gcluley

LinkedIn trumpets the success of its private bug bounty

June 19th, 2015

It’s all very well having a bug bounty program, argues LinkedIn, but how is your organisation going to cope if it is bombarded with hundreds of meaningless and useless reports, that your security team cannot act upon?



IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us

blog.lumension.com