By:

Ransomware – To Pay or Not To Pay?

June 22nd, 2015

Let me paint a scene for you. You’re sitting at your desk between meetings. You’re working on a PowerPoint for a customer meeting tomorrow, and you’re waiting for an email back from a co-worker. You have another meeting in an hour, which gives you just enough time to hone this presentation. It’s been 15 well-crafted […]



By: - Independent Computer Security Analyst

@gcluley

LinkedIn trumpets the success of its private bug bounty

June 19th, 2015

It’s all very well having a bug bounty program, argues LinkedIn, but how is your organisation going to cope if it is bombarded with hundreds of meaningless and useless reports, that your security team cannot act upon?



By: - Independent Computer Security Analyst

@gcluley

Don’t let the LastPass hack destroy your faith in password managers

June 16th, 2015

The LastPass hack may rattle some people’s faith in password managers, but the truth is that they’re a heck of a lot safer than the alternative. Relying on humans to manage multiple passwords has almost always proved to be a disaster.



By:

Ransomware Is the New Kidnapping

June 15th, 2015

In the pre-internet days, ransoms typically involved only prominent, wealthy people and their families. Kidnapping people for ransom is mostly a thing of the past nowadays. It’s an old-fashioned crime. You can’t really get away with it anymore. Kidnapping files, however, is rapidly becoming more popular. Intel/McAfee reports a 155% rise in ransomware in Q4 […]



By: - Independent Computer Security Analyst

@gcluley

All US .gov websites ordered to be HTTPS-only by the end of next year

June 10th, 2015

Good news for privacy.

The US government’s CIO has officially announced that all .gov websites must be only available via encrypted HTTPS connections by the end of 2016.



By: - Director, Product Management

@russbernst

Time to Patch … Tuesday for June

June 9th, 2015

This June Patch Tuesday we have a slightly smaller patch load from Microsoft, taking us back to more historic average releases of 8 bulletins. We have just 2 critical patches to deal with and 6 important. While this is good news for those that have their sights set on some summer vacation, this release also […]



By:

Ransomware 101

June 8th, 2015

This is the first in a series of posts about ransomware. In this post and over the next several weeks I’ll discuss what ransomware is, who the victims are, give some details on a couple of specific types, how to protect your organization, and what to do when your systems have been taken captive. You’ve […]



By:

You May Already Know Your Next Hacker

June 1st, 2015

Over the last couple of weeks I’ve seen a pattern of companies frustrating an individual to the point where the person gives up trying to communicate with the company and hacks them in a major way instead. I guess you could call it Revenge Hacking. In each case, the company was communicating with the person […]



By: - Independent Computer Security Analyst

@gcluley

If lax security leads to a data breach, your insurer may not pay out

May 29th, 2015

When a healthcare provider suffered an embarrassing data breach, it hoped it could recoup some of its losses by claiming on insurance.

But it turns out it wasn’t as simple as that…



By:

How Does Your Organization Handle Vulnerability Disclosures?

May 25th, 2015

You’ve probably heard the idiom “No good deed goes unpunished.” It looks like that phrase will survive even the cyber age. There have a been few news stories about how vulnerability disclosures were handled, or mishandled. Some made me laugh, some made me cringe. When IT Security professionals find a vulnerability, they know what to […]



By: - Independent Computer Security Analyst

@gcluley

Logjam vulnerability – what you need to know

May 20th, 2015

Researchers discover a new attack against encrypted communications on the internet.



By:

Buying Exploits for Zero-Day Vulnerabilities

May 18th, 2015

A few weeks ago a story appeared on Slashdot about a new marketplace on the Dark Web called The Real Deal. Since it’s already in the press, hopefully there’s no harm in describing it here. I do risk being banned from the site for discussing it, but I’m optimistic they’ll see it as free publicity rather […]



By: - Director, Product Management

@russbernst

Nope, Patch Tuesday Has Not Gone Away: It’s a Monster May

May 12th, 2015

Rumours of the demise of Patch Tuesday have been squelched for now, with today’s release of 13 security bulletins from Microsoft. It’s May Patch Tuesday and while last week’s announcement of Windows Update for Business (WUB) makes it clear as mud whether or not Microsoft will in fact continue to provide monthly security patches for […]



By: - Independent Computer Security Analyst

@gcluley

Is your graphics card hiding a rootkit or keylogger?

May 12th, 2015

Why would malicious code want to run entirely on the GPU? And should we be concerned?



By:

Is Data Privacy Becoming Extinct?

May 11th, 2015

It seems your digital footprint is getting more and more interesting to more and more parties. There’s been plenty of news this week about the U.K. and France joining the United States in mass monitoring of their citizens’ data. The U.K. “Snooper’s Charter” England is already known for monitoring its populace with its many public […]



IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us

blog.lumension.com