Optimal Security : the Lumension Blog

On Tuesday February 17th, President Obama signed the economic stimulus package that carves out $19B for modernizing health information systems.  The transition from paper to electronic or e-records in the healthcare industry has been happening for some time.  Although in small numbers, the process has been slow to ramp up based on technology considerations and [...]

As you’ve no doubt heard by now, security researchers over the weekend uncovered a computer espionage network – dubbed Ghostnet – based in China that so far has affected nearly 1,300 computers in 100 countries spanning the globe.  What’s particularly interesting or noteworthy about this apparent cyber-espionage incident is the low-level technology used to infiltrate [...]

In a recent report from FinJan, a group of cyber criminals are earning an average of $10,800 a day from deploying their malware.
Sometimes referred to as “scareware,” a user visits a website and receives a pop-up that indicates their PC is infected with malware. The pop-up offers to scan the user’s PC for free. The scan [...]

I think it’s fair to say that most companies do not enjoy the litigation process. It’s time-consuming and cost-intensive, not to mention nerve-wracking worrying about how the process might impact the perceptions of your customers, partners, investors and prospects.
These reasons alone are enough motivation for companies to go out of their way to avoid litigation. [...]

At the same time Adobe releases a patch for the JBIG2Decode vulnerability in Adobe Reader 9.0, a new methodology for exploiting the issue is noted.  No need for user action - The user does not need to open the specially crafted PDF file in order to execute the exploit.  Simply having an infected file on [...]

A quick review of the evolution of Conficker - those who failed to patch found themselves stuck in yet another malware arms race with hackers:
1.    On or around November 24th well after the release of the respective patch from Microsoft, Conficker “A” quickly took advantage of the previously patched buffer overflow in the Microsoft Server [...]

In this video I discuss how customers can get greater value out of their existing Lumension investment to optimize their total cost of ownership.

Video Blog discussing Patch Tuesday March 2009.

The reported number of institutions impacted by the Heartland Payment Systems data breach continues to increase – it has already affected over 600 financial institutions. While we’ve heard plenty about the number of those impacted and have looked at the malware used to conduct this breach  - what hasn’t been discussed is the impact from [...]

Some time ago we wrote about the new Massachusetts Data Protection law, slated to come online in May this year (after being delayed from the start of 2009). As you may recall, this law  (201 CMR 17.00) is stricter than past laws, more specific than any state’s data security regulations to date, and more expensive [...]