Optimal Security : the Lumension Blog

Thoughts On Intel’s Acquisition of McAfee

Big news on the merger and acquisition front today as Intel announced plans to purchase McAfee for $7.7 billion. The announcement is definitely a game [...]

Tuesday, August 10th

Largest Patch Tuesday on Record

As expected, we have a large release from Microsoft covering 15 bulletins, 9 of which are critical. This will be a disruptive Patch Tuesday given [...]

Does ‘Death of the Web’ Mean a More Secure Internet?
Thoughts On Intel’s Acquisition of McAfee
Largest Patch Tuesday on Record

Ben Franklin’s Endpoint Security Advice

Author: Jeff Hughes Date: Thursday, September 2nd Categories: Endpoint Protection

Comment

Ben Franklin dished out some pretty good security advice in his day. In fact, he was one of the most well known security professionals of his time. Many of you may realize it was Franklin that coined the saying ‘An ounce of prevention is worth a pound of cure’ but what you might not know [...]

Employees Will Steal Your Data – Are You Protecting the Right Stuff?

Author: Chris Merritt Date: Tuesday, August 24th Categories: Data Protection

Comment

We in the security industry talk a lot about the risks of data theft and/or loss, especially by an insider. A quick look through the recent entries into the Open Security Foundation’s DataLossDB makes that case more concrete, be it via an innocent mistake (like losing a laptop) or outright theft (like the Countrywide case, [...]

August 2010 Patch Tuesday Security Briefing

Author: Paul Henry Date: Tuesday, August 10th Categories: Patch Tuesday | Security Insights | Vulnerability Management

Comment

Paul Henry, Forensics and Security Analyst, provides his insights in this August 2010 Patch Tuesday Security Briefing.

Afraid of Change: Getting Users to Upgrade from XP to Win7

Author: Lumension Date: Monday, August 2nd Categories: Featured Posts

Comment

SC Magazine UK’s online news editor, Dan Raywood asks Don Leatham, senior director of solutions and strategy at Lumension about the value – and dangers – of running outdated operating systems.
Q: If we researched operating systems, it is likely we would find a lot of people running ‘outdated’ operating systems. What is the best [...]

Microsoft Prepares Out Of Band Patch For “Globe Trotting” LNK File Issue

Author: Paul Henry Date: Friday, July 30th Categories: Featured Posts | Patch Tuesday | Security Insights | Vulnerability Management

Comment

As more malware writers began to incorporate the Microsoft LNK issue (CVE-2010-2568) into their malicious code, Microsoft last week published a workaround and is [...]

Adjust Your Defenses to the Changing Threat Vector

Author: Paul Henry Date: Friday, July 30th Categories: Featured Posts | Security Insights | Vulnerability Management

Comment

While our budget-constrained defenses remain relatively static, the threat vector continues to change. Historically in network security, attackers seem to regularly stay one step ahead of defenders. I have watched the arms race unfold for more than two decades as attackers worked their way up the OSI stack from network layer attacks like the infamous [...]

Yes Virginia, Mac’s Can Get Viruses

Author: Paul Henry Date: Tuesday, July 27th Categories: Featured Posts | Security Insights | Vulnerability Management

Comments 6

Before getting flamed as an Apple basher, first let me state that I like Apple products. I am not foolishly going to disregard the risks of the environment we live / work in today however. In my business and personal life I own 3 Apple laptops, 4 Apple desktops, 2 iPads and 2 iPhones. Along [...]

Novel New USB Attack

Author: Chris Merritt Date: Monday, July 19th Categories: Endpoint Protection | Featured Posts | Vulnerability Management

Comment

News about a new attack via USB flash drive, known as Stuxnet.B, is surfacing. The Belarusian antivirus company VirusBlokAda recently discovered it and published a report on it. There are several points about this attack which make it both novel and unique, even though infection / propagation via USB flash drives is very common. To [...]

July 2010 Patch Tuesday Security Briefing

Author: Paul Henry Date: Wednesday, July 14th Categories: Patch Tuesday | Security Insights | Vulnerability Management

Comment

Paul Henry, Forensics and Security Analyst, provides his insights in this July 2010 Patch Tuesday Security Briefing.

A Double Whammy Patch Tuesday from Microsoft and Oracle

Author: Don Leatham Date: Tuesday, July 13th Categories: Featured Posts | Patch Tuesday | Vulnerability Management

Comment

Microsoft announced that they have released four security bulletins to address five separate current vulnerabilities. Especially concerning this month is the fact that all three bulletins rated “critical” also rate a “1” on Microsoft’s exploitability index (with MS10-042 addressing a vulnerability that is actively being exploited.) Additionally, MS10-043 requires a reboot and affects Windows Server [...]