Optimal Security : the Lumension Blog

Over the 4th of July weekend, a widespread and unusually resilient virus attack brought down the Web sites of several federal government agencies, some believed to be responsible for fighting cyber crime.  This type of attack, as the AP article indicates, is not all that difficult to launch but it represents a nuisance in most [...]

An updated virus (MyDoom)- not a botnet is responsible for the DDoS attacks against US and South Korean websites this past weekend. The virus discovered back in 2004 has been updated to now include a list of websites that have become targets of a DDoS attack as the virus spreads.
The list of Web sites can [...]

A quick note on some interesting news/tidbits I’ve run across whilst trying to keep up with/clean out my RSS feed before I head out for the 4th of July weekend…
The Iceman Goeth. Saw where Max Ray Vision (nee Butler), aka “Iceman,” has plead guilty to two counts of wire fraud stemming from the theft of [...]

My take:

New Internet-based technologies bring new opportunities for the bad guys.
The growth of the applications we use has gone from dozens to nearly 1,000.
The losses are huge, and while the top-line number is disputable, no one can argue that cybercrime losses have reached previously unforeseen levels.
Regardless of whose survey you read, the majority of respondents [...]

As a marketer for a security software provider in this industry for a few years now, I’ve seen lots of FUD around preventing the next threat. Every vendor does it and every vendor tells you how their solution can help prevent XYZ from stealing your data or disrupting your business. In times like these where [...]

Miscellaneous interesting news / tidbits I’ve run across whilst trying to keep up with/clean out my RSS feed …
[Ya know, taking a week off from clearing the cache is brutal on the flip side ... but hopefully you'll find some nuggets in here like I did.]
Breaking In. StrongWebmail set themselves up for some pain by [...]

Willie Sutton is reputed to have said (although he didn’t, actually), when asked why he robbed banks, “Because that’s where the money is.” So, we’re not really surprised to learn that a new scam is on to liberate the contents of ATMs, and by more sophisticated means than the skimmers I’ve written about previously. Nope, [...]

It’s been long discussed in the industry that  the requirements for PCI compliance were woefully inadequate and some have gone as far  as suggesting that PCI be replaced with some form of an independent governing body that would actually raise the standard rather than  simply appeasing the vendors to become compliant.
One of the hot topics [...]

By now we’ve all had time to consider implications of Oracle buying Sun.  In the press release on the Oracle site , Larry Ellison, Oracle CEO, is quoted:

Oracle will be the only company that can engineer an integrated system – applications to disk – where all the pieces fit and work together so customers do not have to [...]

Conficker has done exactly what we thought it would do – quietly updating its software without incident. Honeypot’s in SE Asia have confirmed that it has received the update and is now able to get its future marching orders and updates in a much more stealthy and resilient manner then ever before. So, while today’s [...]