By: - Independent Computer Security Analyst

@gcluley

Supervalu Shoppers At Risk After Hackers Steal Credit Card Details – and other stores affected too

August 18th, 2014

Customers who have used their credit cards at a US supermarket chain between June 22nd and July 17th 2014 are being warned to check their bank balances, after it was discovered that criminals had hacked their way into networks and potentially accessed shoppers’ private data. Supervalu has published a security advisory on its website, warning that […]



By: - Dir. Solutions Marketing

Patching Best Practices Lessons Learned – Again?

August 14th, 2014

Automatic patching? Magic 8-Ball sez NO! Reports are surfacing that some of this month’s batch of Microsoft patches are causing problems. As I’ve said before, the folks in Redmond have gotten much better with their patches over the years, to where news of BSODs caused by a Microsoft patch is, well, news. Anyhow, here are […]



By: - Dir. Solutions Marketing

SC Magazine 2014 Malware Defenses Survey Results (part 2)

August 14th, 2014

The report on the 2014 Malware Defenses survey conducted by SC Magazine is now out. Overall, it shows that organizations are starting to wake up to the risk of targeted (or APT) attacks – but they still have a ways to go on many fronts. In this second of three posts, we will examine how […]



By: - Independent Computer Security Analyst

@gcluley

Urgent! Adobe Users Told to Patch Reader and Acrobat Against Zero-day Attacks

August 13th, 2014

Adobe has warned computer users to update their installations of Adobe Reader and Acrobat as a matter of urgency, after it was discovered that malicious hackers were exploiting a critical zero-day vulnerability in targeted attacks. According to the software company, it is “aware of evidence that indicates an exploit in the wild is being used […]



By: - Director, Product Management

@russbernst

Microsoft Takes on IE Vulns and Enforces 8.1 Update in August Patch Tuesday

August 12th, 2014

The patches released by Microsoft today for August Patch Tuesday include 9 bulletins (2 critical and 7 important) and cover 37 CVEs. IT’s first priority should be the critical, cumulative update for IE. MS14-051 includes 26 CVEs for all supported versions of the browser. All are privately disclosed with the exception of one, CVE-2014-2819, which […]



By: - Independent Computer Security Analyst

@gcluley

Internet Explorer 8 Users Told Their Browser has Less Than 18 Months to Live

August 11th, 2014

The single most popular browser on computer desktops around the world is Internet Explorer 8 – and its days are officially numbered. Because, from January 12 2016, Microsoft is only going to provide support and security updates for the following operating system/browser combinations: Windows Vista SP2 and Windows Server 2008 SP2: Internet Explorer 9 Windows Server […]



By: - Dir. Solutions Marketing

SC Magazine 2014 Malware Defenses Survey Results

August 11th, 2014

The report on the 2014 Malware Defenses survey conducted by SC Magazine is now out. Overall, it shows that organizations are starting to wake up to the risk of targeted (or APT) attacks – but they still have a ways to go on many fronts. In this first of three posts, we will delve into […]



By: - Director, Product Management

@russbernst

It’s Back-to-Patching This August Patch Tuesday

August 7th, 2014

It’s back to school time for students and with Patch Tuesday just around the corner, it’s back to patching for IT too. Nine bulletins were announced in Microsoft’s advanced notification system today, 2 critical and 7 important. First on our radar this month is an update for IE. In a blog post published by Microsoft […]



By: - Independent Computer Security Analyst

@gcluley

PayPal left red-faced after more security holes found in two factor authentication

August 6th, 2014

Just over a month ago, security researchers revealed that one of PayPal’s primary mechanisms to protect accounts from hackers had been fundamentally flawed for years. Researchers at Duo Security discovered a method of bypassing the two-factor authentication (2FA) technology used by the site, which is supposed to protect your account should your PayPal username and password […]



By: - Senior Architect

@danteal

Stealthy Malware is Never Invisible

August 5th, 2014

New malware identified as ‘Poweliks’ is currently in the news because of its stealthy nature.  The malware does not reside as a file on the disk, rather it is stored in the registry and uses some interesting tricks to execute at startup and remain hidden from system administrators.  The full description of the malware can […]



By: - Dir. Solutions Marketing

Is It the End of the (USB) World as We Know It?

August 4th, 2014

News this past week about a Proof-of-Concept tool called BadUSB which has the IT security press in a lather. Why? Well, we all know that USB sticks are used to spread malware. But this POC by SRLabs security researchers Karsten Nohl and Jakob Lell – which will be demonstrated at Black Hat USA 2014 – […]



By: - Independent Computer Security Analyst

@gcluley

Gambling website Paddy Power took four years to tell 650,000 customers their data had been stolen

August 1st, 2014

Yesterday, popular gambling website Paddy Power found itself admitting that it had suffered a serious data breach – the kind of position that no company ever wants to find itself in. Not that you would know if you visited their website, of course. Because there’s no mention of the issue on the front page that their […]



By: - Independent Computer Security Analyst

@gcluley

7 Out of Top 10 Internet of Things Devices Riddled With Vulnerabilities

July 31st, 2014

It has become the trendy thing to connect more and more household and office devices to the internet. It is becoming increasingly common to find yourself typing a WiFI password not just into your smartphone, but also your smoke alarm, your fridge, your printer, your baby monitor and maybe even your car. However, are the […]



By: - Dir. Solutions Marketing

Information Aversion – The Ostrich Effect

July 30th, 2014

Are we hurting our cause when we describe, in gruesome detail, the potential outcomes of a data breach or other IT security breach? Are we inadvertently pushing real security further off when we chase on the latest whiz bang technology instead of focusing on making steady progress? That’s what came to mind when I recently […]



By: - SVP Global Marketing

@cedwardbrice

2015 Endpoint and Mobile Security Procurement: 10 Questions to Ask New Vendors

July 29th, 2014

Originally published on ITBusinessEdge. » Read the full article In the spirit of 2015 planning, now is the time of year when IT teams start to tackle big, complicated issues like: what are the coming situational issues surrounding the security of our data? How are we as an organization really doing in securing our valuable […]



IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us

blog.lumension.com