Optimal Security : the Lumension Blog

Big news on the merger and acquisition front today as Intel announced plans to purchase McAfee for $7.7 billion. The announcement is definitely a game changer for the security industry, and comes on the heels of other recent IT security acquisitions this year including Symantec’s acquisition of PGP, IBM’s acquisition of BigFix and HP’s acquisition [...]

As expected, we have a large release from Microsoft covering 15 bulletins, 9 of which are critical. This will be a disruptive Patch Tuesday given the broad range of products impacted and the required restarts. Initial priorities should always be the 9 critical vulnerabilities followed by the remaining balance of important and moderate patches. 
August Critical [...]

 
 
SC Magazine UK’s online news editor, Dan Raywood asks Don Leatham, senior director of solutions and strategy at Lumension about the value – and dangers – of running outdated operating systems.
Q: If we researched operating systems, it is likely we would find a lot of people running ‘outdated’ operating systems. What is the best [...]

As more malware writers began to incorporate the Microsoft LNK issue (CVE-2010-2568) into their malicious code, Microsoft last week published a workaround and is [...]

While our budget-constrained defenses remain relatively static, the threat vector continues to change. Historically in network security, attackers seem to regularly stay one step ahead of defenders. I have watched the arms race unfold for more than two decades as attackers worked their way up the OSI stack from network layer attacks like the infamous [...]

Before getting flamed as an Apple basher, first let me state that I like Apple products. I am not foolishly going to disregard the risks of the environment we live / work in today however. In my business and personal life I own 3 Apple laptops, 4 Apple desktops, 2 iPads and 2 iPhones. Along [...]

News about a new attack via USB flash drive, known as Stuxnet.B, is surfacing. The Belarusian antivirus company VirusBlokAda recently discovered it and published a report on it. There are several points about this attack which make it both novel and unique, even though infection / propagation via USB flash drives is very common. To [...]

Microsoft announced that they have released four security bulletins to address five separate current vulnerabilities. Especially concerning this month is the fact that all three bulletins rated “critical” also rate a “1” on Microsoft’s exploitability index (with MS10-042 addressing a vulnerability that is actively being exploited.)  Additionally, MS10-043 requires a reboot and affects Windows Server [...]

I recently helped a friend set up her new Win7 box – it was a breeze, especially when compared to (or perhaps because of) the Vista lappie I set up for her a couple of years back. We had to do it because her old box was still running WinXP SP2 – and we couldn’t [...]

I am told by a highly reliable source (hi mom!) that, as a young’un, I horrified my (American) grandfather by kicking the (American) football back to him after he threw it to me – I’m sure he was seriously concerned about what they were teaching me at those European schools. And since I played a [...]