By: - Director, Product Management

@russbernst

A Whopping Patch Tuesday

November 6th, 2014

IT pros will be thankful for some holiday time off at the end of this month because November Patch Tuesday will certainly keep them busy. Microsoft is set to release 16 bulletins next week, 5 are critical, 9 important and 2 moderate. We have enjoyed a relatively low number of patches each month in 2014 […]



By: - Dir. Solutions Marketing

Infosec Haiku

October 25th, 2014

Anata no joho sekyuritei konshu no haiku CryptoWall Strikes Org Encrypts All of Their Servers Hundreds Now Idled   ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is published. * Submit Your Own … if […]



By: - Independent Computer Security Analyst

@gcluley

Hackers target military, embassy and defense workers in Operation Pawn Storm

October 25th, 2014

A group of organised criminal hackers, possibly backed by an unknown country, are targeting government, media and military organisations in the United States, Pakistan, and across Europe, according to new research [PDF] released by researchers at Trend Micro. In an operation dubbed “Pawn Storm”, the hackers have targeted computers belonging to – amongst others – […]



By: - Independent Computer Security Analyst

@gcluley

Hackers exploit Windows zero-day flaw in targeted PowerPoint attacks

October 22nd, 2014

Be on your guard. Another zero-day vulnerability has been uncovered that affects almost all supported versions of Windows, and it is being actively exploited by hackers in targeted attacks. Microsoft has issued a security advisory about a critical remote code execution flaw in all versions of Windows apart from Windows Server 2003. That would be […]



By: - Dir. Solutions Marketing

Infosec Haiku

October 18th, 2014

Anata no joho sekyuritei konshu no haiku Huge Month for Patches —   and Much More Time to Patch It Up   ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is published. * Submit Your […]



By: - Dir. Solutions Marketing

Infosec Haiku

October 18th, 2014

Anata no joho sekyuritei konshu no haiku Vulns Galore This Week Oh So Many CERT Alerts Time to Patch It Up   ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is published. * Submit Your […]



By: - Independent Computer Security Analyst

@gcluley

Malicious ads run next to popular YouTube videos, laced with the Sweet Orange exploit kit

October 17th, 2014

If you want to watch a video, you go to YouTube.  It’s as simple as that. Although other sites exist which host videos, Google-owned YouTube is the Goliath in the market – and gets the overwhelming bulk of the net’s video-watching traffic. And, of course, that enormous success and high traffic brings with it unwanted […]



By: - Dir. Solutions Marketing

BadUSB Update

October 16th, 2014

I have received several inquiries regarding the latest news about the so-called BadUSB vulnerability, so I thought I’d write a quick post on what we know at the moment. What is BadUSB? BadUSB is a vulnerability – not malware – in the design and implementation of firmware used on USB devices which allows it to […]



By: - Director, Product Management

@russbernst

October Patch Tuesday Fixes Critical Vulns in Windows, IE

October 14th, 2014

Microsoft’s September reorg of the Trustworthy Computing Group definitely didn’t slow down the patches. Today’s October Patch Tuesday addresses 24 CVEs in 8 bulletins; 3 are critical and 5 are important. The TwC cybersecurity group is still hard at work and given the very nature of software, that’s a good thing. The industry needs a […]



By: - Senior Architect

@danteal

Security Resiliency

October 13th, 2014

Computer security is in the headlines yet again. Last week it was the bash “Shellshock” vulnerability, before that it was the Home Depot credit card breach, and now the news is all about the security breach at JP Morgan. [ed.: And since Dan wrote this post, we’re knee deep in news about the Dairy Queen data breach […]



By: - Dir. Solutions Marketing

Infosec Haiku

October 11th, 2014

Anata no joho sekyuritei konshu no haiku Ever More Breaches This Week: DQ and Kmart Will It Never End?   ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is  published. * Submit Your Own … […]



By: - Director, Product Management

@russbernst

TwC Hard at Work After All; 9 Bulletins for Oct Patch Tuesday

October 9th, 2014

September news reports that the Trustworthy Computing Group at Microsoft was disbanding left some wondering about the future of Patch Tuesday. This month’s patch load of 9 total bulletins, 3 critical, 5 important and 1 moderate should eliminate those worries, at least for now. The security group anyway is definitely still hard at work. Given […]



By: - Independent Computer Security Analyst

@gcluley

Unpatchable BadUSB Code Is Now Publicly Available

October 6th, 2014

How sweet would it be to plug and play USB devices without the fear of viruses, malware and other security threats? It’s everyone’s dream to own 100% foolproof USB devices for their file storage and transfer routine: Fascinating to think about it, but it simply isn’t gonna happen with the raft of current USB-related security […]



By: - Dir. Solutions Marketing

Infosec Haiku

October 4th, 2014

Anata no joho sekyuritei konshu no haiku JP Morgan Chase Hack Attack Portends Wider Campaign Against Banks   ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is published. * Submit Your Own … if yours […]



By: - Dir. Solutions Marketing

Shellshock Exploit Demo, and More

October 1st, 2014

In my  previous post we discussed Shellshock, the GNU Bourne Again Shell (Bash) vulnerability which was made public last week. News continues to pour in as the researchers and vendors (and probably a few blackhats) try to understand the true scope of the problem. So today we’ll discuss a few updates to the situation since we published […]



IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us

blog.lumension.com