By: - Independent Computer Security Analyst

@gcluley

Got Adobe Reader on your Android device? You Had Best Update it ASAP

April 16th, 2014

A critical security vulnerability has been found in Adobe Reader Mobile, the version of the popular PDF Reader developed for the Android operating system, which could lead to remote hackers compromising documents stored on your Android device and its SD memory card. If you were feeling smug that you had managed to avoid the Heartbleed [...]



By: - Senior Architect

@danteal

Heartbleed and CRLs

April 14th, 2014

The “Heartbleed” vulnerability in the OpenSSL cryptographic library released this week has impacted over a half million web sites and untold numbers of user accounts. Attackers can exploit this vulnerability to read the memory of affected systems to obtain secret keys, user passwords, and any other sensitive data stored in the memory of the web service.  [...]



By: - Independent Computer Security Analyst

@gcluley

Windows 8.1 Update – Microsoft forces users to update OS if they want future security updates

April 9th, 2014

Most of the attention this week, from the patching point of view at least, has been directed towards the last ever security fixes for Windows XP. Microsoft warned in 2007 that it would no longer be supporting Windows XP after April 8th, 2014, and they have kept true to their promise – meaning that all [...]



By: - Director, Product Management

@russbernst

Final Patch Tuesday Quietly Ushers Out XP and 2003

April 8th, 2014

2 Critical 2 Important In the final Patch Tuesday for Windows XP and Office 2003, Microsoft released 4 patches today, two critical and two important that cover a total of just 11 CVEs. While an unusually small Patch Tuesday, it isn’t surprising Microsoft included final fixes in XP and Office 2003. For that reason, this [...]



By: - Director, Product Management

@russbernst

Final Patch Tuesday for Windows XP and Office 2003

April 3rd, 2014

In the final Patch Tuesday for Windows XP and Office 2003, Microsoft will release four bulletins next week, two critical and two important. Not surprisingly, Microsoft is including final fixes in XP and Windows 2003 so this will be an important Patch Tuesday for users who rely on this outdated code that moves to self-support [...]



By: - Independent Computer Security Analyst

@gcluley

Who Does China Blame for a Third of All Cyber Attacks Against It? The USA

March 31st, 2014

A few years ago, in what we call the BS era (“Before Snowden”), there were frequent accusations levelled against China for attempting to hack into foreign country’s computer systems and steal information. And, to be fair, there was often good reason to suspect that some attacks were conducted with the endorsement of the Beijing authorities. [...]



By: - Independent Computer Security Analyst

@gcluley

Isn’t It Time Oracle Gave Us Monthly Security Updates for Java?

March 24th, 2014

In some ways, it could be argued that Java is an incredible success. I’m serious. Stop laughing at the back. You see, according to Oracle, Java’s developer, the product is used on over 3 billion different devices worldwide. That *is* impressive. But, for those of us concerned with securing systems and keeping computer data safe, [...]



By: - Technology Reporter

@jleclaire

The Real Infosec Employee Shortage

March 19th, 2014

When a company like HP offers up a $250,000 grant to attract IT security workers to the field, you know there’s a backstory. In this case, HP’s Scholarship for Women Studying Information Security (SWSIS) program hopes to prime the pump of IT security workers entering the market. The shortage is real—and critical. The IT security [...]



By: - Forensics and Security Expert

@phenrycissp

XP End of Support Options

March 17th, 2014

The end of support for Windows XP has disastrous potential for those who do not prepare for it. Anyone still on the OS can expect an onslaught of malware after April 8th, 2014 – the date Microsoft will no longer ship security patches for XP. Any bad guy out there with an XP exploit will [...]



By: - IT Security Expert, Author

@stiennon

We Thought We Understood How to Defend Against Targeted Attacks

March 12th, 2014

The lesson to be learned from the content of Snowden’s documents released to date is that the NSA has built a global capability to execute on a plan of information dominance for intelligence gathering. Ostensibly to collect enough communications meta data and content to deter, disrupt, and destroy terrorists and their plans, the NSA’s capabilities [...]


By: - Director, Product Management

@russbernst

March Patch Tuesday: Time to Update IE Again

March 11th, 2014

Microsoft released 5 updates for a total of 23 CVEs on today’s March Patch Tuesday. Two patches are rated Critical and the remaining bulletins are rated Important. Not surprisingly, the first on the list, MS14-012, is another cumulative update to all versions of Internet Explorer. It fixes 18 CVEs, including the IE Zero Day we [...]


By: - Information Security Reporter

@kevtownsend

What Does the Target Breach Tell Us About DSS and POS?

March 10th, 2014

In the final analysis, it is going to be Target’s customers that pay the price for this winter’s breach. OK, CIO Beth Jacob has fallen on her sword and departed; but that could hardly be avoided, and “this is a good time for a change” is hardly contrition. Apart from that, the innocent will pay [...]


By: - Director, Product Management

@russbernst

March Patch Tuesday: Time to Update IE Again

March 6th, 2014

Microsoft is set to release 5 updates during next week’s March Patch Tuesday and two are critical. Not surprisingly, the first on the list is another cumulative update to all versions of Internet Explorer. Thankfully, this will update the IE Zero Day we saw last month that Microsoft addressed with the release of security advisory [...]


By: - Dir. Solutions Marketing

POS System Pwnage

March 5th, 2014

Perhaps there have been bigger breaches, but the Target breach in late-2013 certainly seems to set off a firestorm. There are literally thousands of new online articles and posts everyday covering the event – the who, what, where, when, and especially the how and “what now” aspects of the case – and we’re certainly not [...]


By: - Dir. Solutions Marketing

My Moscone Adventure – RSAC 2014

March 3rd, 2014

I love trade shows. No, really … I do. And I’ve done a lot of different trade shows over the years at the Moscone Center in San Francisco, on both sides of the aisle. But this year I finally had some time to attend the RSA Conference. Plenty of bits & bytes have been written [...]



IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us

blog.lumension.com