By: - Independent Computer Security Analyst

@gcluley

SoakSoak malware hits over 100,000 WordPress websites

December 15th, 2014

Do you run WordPress on your website?  If so, you’re in good company. Around 19% of the world’s websites are thought to run WordPress, which is even more astonishing when you consider that many sites don’t have any content management system at all. And although running your own self-hosted version of WordPress (as opposed to […]



By: - Independent Computer Security Analyst

@gcluley

Problems for Windows 7 and Exchange users as Microsoft warns of buggy security patches

December 14th, 2014

On the second Tuesday of every month, regular as clockwork, Microsoft issues security fixes for users of its software – protecting against newly discovered vulnerabilities and bugs. And normally, the advice is to roll them out across your enterprise at your earliest opportunity – particularly in the case of the most serious critical security patches, which could […]



By: - Director, Product Management

@russbernst

Final Patch Tuesday of 2014, Have You Kept Up?

December 9th, 2014

The 2014 Patch Tuesday program came to a close  today with Microsoft’s release of 7 security bulletins. 3 are critical and 4 are rated important. Before jumping in to this month’s updates however, it’s interesting to do a quick year-over-year comparison. Assuming no out-of-band patches later this month, the total number of bulletins released by Microsoft […]



By: - Director, Product Management

@russbernst

7 December Bulletins to Close Out 2014 Patch Tuesdays

December 4th, 2014

Microsoft is set to release 7 bulletins during next week’s Patch Tuesday; 3 are critical and 4 are important. If all 7 are released as planned, the total number of patches in 2014 will hit 84. This year’s patch load is close in quantity to 2012 when 83 patches were released in all. Last year […]



By: - Dir. Solutions Marketing

E-Cigarettes Are Bad for Your Computer’s Health!

December 2nd, 2014

There’s been a lot of news lately about the adverse health impact of vaping, including a recent study which suggests that e-cigarettes contain up to 10 times the level of carcinogens of regular tobacco. But perhaps less well publicized is the recent news that e-cigarettes might give you malware. According to an account on Reddit, […]



By: - Independent Computer Security Analyst

@gcluley

Did North Korea Hack Sony? It Seems Hard to Believe

December 1st, 2014

There’s plenty of rumours and speculation, but one thing is certain: something has gone awfully awry with the computer systems at Sony Pictures Entertainment – the television and movie subsidiary of the huge Sony Corporation. The media has been full since last week with reports that the company has shut down its servers, after a ghoulish […]



By: - Director, Product Management

@russbernst

14 Bulletins This Patch Tuesday and IE Cumulative Update Is Not Your Most Critical

November 11th, 2014

While we enjoyed a relatively low number of patches each month so far this year, November definitely takes a big jump up with 14 total bulletins released today. 4 are critical, 8 important and 2 moderate. While this is two less than what we thought we would have today according to last week’s ANS, we […]



By: - Director, Product Management

@russbernst

A Whopping Patch Tuesday

November 6th, 2014

IT pros will be thankful for some holiday time off at the end of this month because November Patch Tuesday will certainly keep them busy. Microsoft is set to release 16 bulletins next week, 5 are critical, 9 important and 2 moderate. We have enjoyed a relatively low number of patches each month in 2014 […]



By: - Independent Computer Security Analyst

@gcluley

Hackers target military, embassy and defense workers in Operation Pawn Storm

October 25th, 2014

A group of organised criminal hackers, possibly backed by an unknown country, are targeting government, media and military organisations in the United States, Pakistan, and across Europe, according to new research [PDF] released by researchers at Trend Micro. In an operation dubbed “Pawn Storm”, the hackers have targeted computers belonging to – amongst others – […]



By: - Independent Computer Security Analyst

@gcluley

Hackers exploit Windows zero-day flaw in targeted PowerPoint attacks

October 22nd, 2014

Be on your guard. Another zero-day vulnerability has been uncovered that affects almost all supported versions of Windows, and it is being actively exploited by hackers in targeted attacks. Microsoft has issued a security advisory about a critical remote code execution flaw in all versions of Windows apart from Windows Server 2003. That would be […]



By: - Independent Computer Security Analyst

@gcluley

Malicious ads run next to popular YouTube videos, laced with the Sweet Orange exploit kit

October 17th, 2014

If you want to watch a video, you go to YouTube.  It’s as simple as that. Although other sites exist which host videos, Google-owned YouTube is the Goliath in the market – and gets the overwhelming bulk of the net’s video-watching traffic. And, of course, that enormous success and high traffic brings with it unwanted […]



By: - Dir. Solutions Marketing

BadUSB Update

October 16th, 2014

I have received several inquiries regarding the latest news about the so-called BadUSB vulnerability, so I thought I’d write a quick post on what we know at the moment. What is BadUSB? BadUSB is a vulnerability – not malware – in the design and implementation of firmware used on USB devices which allows it to […]



By: - Director, Product Management

@russbernst

October Patch Tuesday Fixes Critical Vulns in Windows, IE

October 14th, 2014

Microsoft’s September reorg of the Trustworthy Computing Group definitely didn’t slow down the patches. Today’s October Patch Tuesday addresses 24 CVEs in 8 bulletins; 3 are critical and 5 are important. The TwC cybersecurity group is still hard at work and given the very nature of software, that’s a good thing. The industry needs a […]



By: - Senior Architect

@danteal

Security Resiliency

October 13th, 2014

Computer security is in the headlines yet again. Last week it was the bash “Shellshock” vulnerability, before that it was the Home Depot credit card breach, and now the news is all about the security breach at JP Morgan. [ed.: And since Dan wrote this post, we’re knee deep in news about the Dairy Queen data breach […]



By: - Director, Product Management

@russbernst

TwC Hard at Work After All; 9 Bulletins for Oct Patch Tuesday

October 9th, 2014

September news reports that the Trustworthy Computing Group at Microsoft was disbanding left some wondering about the future of Patch Tuesday. This month’s patch load of 9 total bulletins, 3 critical, 5 important and 1 moderate should eliminate those worries, at least for now. The security group anyway is definitely still hard at work. Given […]



IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us

blog.lumension.com