By: - Independent Computer Security Analyst


Got Adobe Reader on your Android device? You Had Best Update it ASAP

April 16th, 2014

A critical security vulnerability has been found in Adobe Reader Mobile, the version of the popular PDF Reader developed for the Android operating system, which could lead to remote hackers compromising documents stored on your Android device and its SD memory card. If you were feeling smug that you had managed to avoid the Heartbleed [...]

By: - Senior Architect


Heartbleed and CRLs

April 14th, 2014

The “Heartbleed” vulnerability in the OpenSSL cryptographic library released this week has impacted over a half million web sites and untold numbers of user accounts. Attackers can exploit this vulnerability to read the memory of affected systems to obtain secret keys, user passwords, and any other sensitive data stored in the memory of the web service.  [...]

By: - Independent Computer Security Analyst


Windows 8.1 Update – Microsoft forces users to update OS if they want future security updates

April 9th, 2014

Most of the attention this week, from the patching point of view at least, has been directed towards the last ever security fixes for Windows XP. Microsoft warned in 2007 that it would no longer be supporting Windows XP after April 8th, 2014, and they have kept true to their promise – meaning that all [...]

By: - Director, Product Management


Final Patch Tuesday Quietly Ushers Out XP and 2003

April 8th, 2014

2 Critical 2 Important In the final Patch Tuesday for Windows XP and Office 2003, Microsoft released 4 patches today, two critical and two important that cover a total of just 11 CVEs. While an unusually small Patch Tuesday, it isn’t surprising Microsoft included final fixes in XP and Office 2003. For that reason, this [...]

By: - Independent Computer Security Analyst


Security Holes Uncovered by Google in Apple Safari, as Microsoft Readies Final Patches for XP

April 3rd, 2014

Next Tuesday, April 8 2014, will see a very special bundle of “Patch Tuesday” updates coming from Microsoft. What will make the patches memorable will not be so much what vulnerabilities they protect Windows computer users against, but rather that they will include – for the very last time – security patches for the ageing [...]

By: - Director, Product Management


Final Patch Tuesday for Windows XP and Office 2003

April 3rd, 2014

In the final Patch Tuesday for Windows XP and Office 2003, Microsoft will release four bulletins next week, two critical and two important. Not surprisingly, Microsoft is including final fixes in XP and Windows 2003 so this will be an important Patch Tuesday for users who rely on this outdated code that moves to self-support [...]

By: - Independent Computer Security Analyst


Who Does China Blame for a Third of All Cyber Attacks Against It? The USA

March 31st, 2014

A few years ago, in what we call the BS era (“Before Snowden”), there were frequent accusations levelled against China for attempting to hack into foreign country’s computer systems and steal information. And, to be fair, there was often good reason to suspect that some attacks were conducted with the endorsement of the Beijing authorities. [...]

By: - Independent Computer Security Analyst


Isn’t It Time Oracle Gave Us Monthly Security Updates for Java?

March 24th, 2014

In some ways, it could be argued that Java is an incredible success. I’m serious. Stop laughing at the back. You see, according to Oracle, Java’s developer, the product is used on over 3 billion different devices worldwide. That *is* impressive. But, for those of us concerned with securing systems and keeping computer data safe, [...]

By: - Technology Reporter


The Real Infosec Employee Shortage

March 19th, 2014

When a company like HP offers up a $250,000 grant to attract IT security workers to the field, you know there’s a backstory. In this case, HP’s Scholarship for Women Studying Information Security (SWSIS) program hopes to prime the pump of IT security workers entering the market. The shortage is real—and critical. The IT security [...]

By: - IT Secured. Success Optimized.


Retail POS Cyber Attacks: Why, How and What to Do

March 18th, 2014

Here’s a quick look at how cyber thieves attack retail organizations, some thoughts on why and best practices for defending against them.

By: - Forensics and Security Expert


XP End of Support Options

March 17th, 2014

The end of support for Windows XP has disastrous potential for those who do not prepare for it. Anyone still on the OS can expect an onslaught of malware after April 8th, 2014 – the date Microsoft will no longer ship security patches for XP. Any bad guy out there with an XP exploit will [...]

By: - IT Security Expert, Author


We Thought We Understood How to Defend Against Targeted Attacks

March 12th, 2014

The lesson to be learned from the content of Snowden’s documents released to date is that the NSA has built a global capability to execute on a plan of information dominance for intelligence gathering. Ostensibly to collect enough communications meta data and content to deter, disrupt, and destroy terrorists and their plans, the NSA’s capabilities [...]

By: - Director, Product Management


March Patch Tuesday: Time to Update IE Again

March 11th, 2014

Microsoft released 5 updates for a total of 23 CVEs on today’s March Patch Tuesday. Two patches are rated Critical and the remaining bulletins are rated Important. Not surprisingly, the first on the list, MS14-012, is another cumulative update to all versions of Internet Explorer. It fixes 18 CVEs, including the IE Zero Day we [...]

By: - Information Security Reporter


What Does the Target Breach Tell Us About DSS and POS?

March 10th, 2014

In the final analysis, it is going to be Target’s customers that pay the price for this winter’s breach. OK, CIO Beth Jacob has fallen on her sword and departed; but that could hardly be avoided, and “this is a good time for a change” is hardly contrition. Apart from that, the innocent will pay [...]

By: - Director, Product Management


March Patch Tuesday: Time to Update IE Again

March 6th, 2014

Microsoft is set to release 5 updates during next week’s March Patch Tuesday and two are critical. Not surprisingly, the first on the list is another cumulative update to all versions of Internet Explorer. Thankfully, this will update the IE Zero Day we saw last month that Microsoft addressed with the release of security advisory [...]

IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us