
Is Your Organization a House of Cards – Part 2

January 19th, 2015

In my last post, I explained I will be walking you through the attack of an airline company in order to obtain credit card data I can sell. Now I have my project defined. The first step is to identify a target. Because I’m looking specifically for an airline, I can’t just start scanning ports […]



By: - Independent Computer Security Analyst

@gcluley

The EFF’s secure messaging scorecard. Which app will you use?

January 15th, 2015

We live in alarming times. Revelations by NSA whistleblower Edward Snowden woke many of us up to the risks posed by covert surveillance, and in just the last few days – following the ghastly events in Paris – UK Prime Minister David Cameron has called for secure communication apps to be made unlawful, or at […]



By: - Dir. Solutions Marketing

State of the Endpoint Identifies Risky Users as Top Threat

January 14th, 2015

For years, security pros have complained or joked about over-zealous users who click on everything. With today’s release of the sixth annual State of the Endpoint study by Ponemon Institute, and commissioned by Lumension, the joke is reality for many and unfortunately it isn’t all that funny. Negligent and/or careless employees who do not follow security […]



By: - Director, Product Management

@russbernst

January is Update Your Microsoft Windows Month

January 13th, 2015

There are 8 total security bulletins for the first Patch Tuesday of 2015; 1 is rated critical and 7 are important. All of them impact Windows or Windows components; there are no specific Microsoft application updates. The good news is that there are just 8 CVEs to patch this month so it’s a 1 and […]




Is Your Organization a House of Cards?

January 12th, 2015

Some data breaches get a lot of attention in the news. When a large amount of data is taken from a popular retailer or organization, it makes big news in the media, and law enforcement gets interested. They like to be seen investigating the biggest crimes so everyone thinks they are doing their job. On […]



By: - Independent Computer Security Analyst

@gcluley

Google shows hackers how to exploit Windows 8.1

January 5th, 2015

If I told you that a bunch of hackers had found a zero-day vulnerability in Microsoft Windows 8.1 you would probably be concerned. Especially if details of the unpatched security bug had not only been made public, but actual working exploit code had also been released on the internet for anyone else to use. […]




PayPal Accounts Still For Sale After Major Vulnerability Fix

December 26th, 2014

Earlier this month it was announced that PayPal fixed a bug which would allow an attacker to take over practically any PayPal account. The vulnerability was identified and reported through PayPal’s Bug Bounty program by Yasser Ali, an independent IT Security researcher in Egypt. Ali was experimenting with PayPal’s security token mechanism. He found that […]



By: - Independent Computer Security Analyst

@gcluley

German steel works suffered “massive damage” after hack attack

December 23rd, 2014

Hackers who compromised a German steel works inflicted serious damage on one of its blast furnaces, according to a newly released report from the German Federal Office of Information Security. Once again, according to the German report [PDF], the initial infection took place because a member of staff was tricked by a spearphishing email that […]




“Sophisticated” Regin Relies on Age-Old Techniques

December 22nd, 2014

The IT Security industry is saying that Regin is “Top-tier” – “Sophisticated” – “Super-spyware”. When you look at a Regin attack in detail however, you find a lot of techniques in common with plain old-fashioned data-stealing malware. No matter how sophisticated the malware, the same steps are needed to successfully infiltrate the victim’s machines. And familiar defenses […]



By: - Dir. Solutions Marketing

IT Security Budgets, Destructive Malware and Software Vulns – A 2015 Sneak Peek

December 17th, 2014

Even non-security news outlets and bloggers have been writing about 2014 as the year of the mega breach. And for good reason, when you consider cyber criminals’ attacks on Target, JP Morgan, Home Depot and most recently of course, Sony Pictures. Regardless of your opinion on how Sony has handled the breach to-date, no one […]



By: - Independent Computer Security Analyst

@gcluley

SoakSoak malware hits over 100,000 WordPress websites

December 15th, 2014

Do you run WordPress on your website? If so, you’re in good company. Around 19% of the world’s websites are thought to run WordPress, which is even more astonishing when you consider that many sites don’t have any content management system at all. And although running your own self-hosted version of WordPress (as opposed to […]



By: - Independent Computer Security Analyst

@gcluley

Problems for Windows 7 and Exchange users as Microsoft warns of buggy security patches

December 14th, 2014

On the second Tuesday of every month, regular as clockwork, Microsoft issues security fixes for users of its software – protecting against newly discovered vulnerabilities and bugs. And normally, the advice is to roll them out across your enterprise at your earliest opportunity – particularly in the case of the most serious critical security patches, which could […]



By: - Director, Product Management

@russbernst

Final Patch Tuesday of 2014, Have You Kept Up?

December 9th, 2014

The 2014 Patch Tuesday program came to a close today with Microsoft’s release of 7 security bulletins. 3 are critical and 4 are rated important. Before jumping in to this month’s updates however, it’s interesting to do a quick year-over-year comparison. Assuming no out-of-band patches later this month, the total number of bulletins released by Microsoft […]



By: - Director, Product Management

@russbernst

7 December Bulletins to Close Out 2014 Patch Tuesdays

December 4th, 2014

Microsoft is set to release 7 bulletins during next week’s Patch Tuesday; 3 are critical and 4 are important. If all 7 are released as planned, the total number of patches in 2014 will hit 84. This year’s patch load is close in quantity to 2012 when 83 patches were released in all. Last year […]



By: - Dir. Solutions Marketing

E-Cigarettes Are Bad for Your Computer’s Health!

December 2nd, 2014

There’s been a lot of news lately about the adverse health impact of vaping, including a recent study which suggests that e-cigarettes contain up to 10 times the level of carcinogens of regular tobacco. But perhaps less well publicized is the recent news that e-cigarettes might give you malware. According to an account on Reddit, […]


