By: - Independent Computer Security Analyst

@gcluley

If lax security leads to a data breach, your insurer may not pay out

May 29th, 2015

When a healthcare provider suffered an embarrassing data breach, it hoped it could recoup some of its losses by claiming on insurance.

But it turns out it wasn’t as simple as that…



By:

How Does Your Organization Handle Vulnerability Disclosures?

May 25th, 2015

You’ve probably heard the idiom “No good deed goes unpunished.” It looks like that phrase will survive even the cyber age. There have been a few news stories about how vulnerability disclosures were handled, or mishandled. Some made me laugh, some made me cringe. When IT Security professionals find a vulnerability, they know what to […]



By: - Dir. Solutions Marketing

Infosec Haiku

May 23rd, 2015

Anata no joho sekyuritei konshu no haiku When our peers get hacked, we increase security. Ooopps – breach discovered! ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’s contributed their haikus … watch this space to see if yours is published. * Submit Your Own … […]



By: - Independent Computer Security Analyst

@gcluley

Logjam vulnerability – what you need to know

May 20th, 2015

Researchers discover a new attack against encrypted communications on the internet.



By:

Buying Exploits for Zero-Day Vulnerabilities

May 18th, 2015

A few weeks ago a story appeared on Slashdot about a new marketplace on the Dark Web called The Real Deal. Since it’s already in the press, hopefully there’s no harm in describing it here. I do risk being banned from the site for discussing it, but I’m optimistic they’ll see it as free publicity rather […]



By: - Dir. Solutions Marketing

Infosec Haiku

May 16th, 2015

Anata no joho sekyuritei konshu no haiku Adobe Reader: Critical Patches Released. Please Update Today! ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’s contributed their haikus … watch this space to see if yours is published. * Submit Your Own … if yours is published, […]



By: - Director, Product Management

@russbernst

Nope, Patch Tuesday Has Not Gone Away: It’s a Monster May

May 12th, 2015

Rumours of the demise of Patch Tuesday have been squelched for now, with today’s release of 13 security bulletins from Microsoft. It’s May Patch Tuesday and while last week’s announcement of Windows Update for Business (WUB) makes it clear as mud whether or not Microsoft will in fact continue to provide monthly security patches for […]



By: - Independent Computer Security Analyst

@gcluley

Is your graphics card hiding a rootkit or keylogger?

May 12th, 2015

Why would malicious code want to run entirely on the GPU? And should we be concerned?



By:

Is Data Privacy Becoming Extinct?

May 11th, 2015

It seems your digital footprint is getting more and more interesting to more and more parties. There’s been plenty of news this week about the U.K. and France joining the United States in mass monitoring of their citizens’ data. The U.K. “Snooper’s Charter” England is already known for monitoring its populace with its many public […]



By: - Dir. Solutions Marketing

Infosec Haiku

May 9th, 2015

Anata no joho sekyuritei konshu no haiku Infosec Haiku: 100 Posts Up So Far. Thank You for Reading! ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’s contributed their haikus … watch this space to see if yours is published. * Submit Your Own … if […]



By: - Independent Computer Security Analyst

@gcluley

Are we all too reliant on technology?

May 5th, 2015

A couple of news stories that came to my attention in the last week or so underlined that although modern technology brings many benefits, we may also be depending on it too much. For instance, the Royal Institute of Navigation (RIN) issued a warning that people are at risk of losing their basic map-reading skills […]



By:

Hijacking Websites for Hacktivism (part 4)

May 4th, 2015

This is the next in a series of posts covering website hijacking. See parts 1, 2, and 3 if you’re just joining in. I’ve covered several different types of possible attacks. I’ve settled on attacking public DNS servers to hijack political campaign websites, sending their traffic to my own website which reveals the truth about […]



By: - Dir. Solutions Marketing

Infosec Haiku

May 2nd, 2015

Anata no joho sekyuritei konshu no haiku EMV is Here In October – Will This Mean A Drop in Breaches? ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’s contributed their haikus … watch this space to see if yours is published. * Submit Your Own […]



By: - Independent Computer Security Analyst

@gcluley

SendGrid email service hacked, customers told to reset passwords and DKIM keys

April 27th, 2015

Most of us know about bulk email – it’s the blanket term which can be used in relation to the mountain of legitimate newsletter subscriptions and marketing emails we may have clogging up our inboxes, as well as the unsolicited junk messages, scams and phishing campaigns that spammers abuse us with. What is less well […]



By:

Hijacking Websites for Hacktivism (part 3)

April 27th, 2015

This is the next in a series of posts about my hacktivism campaign. You can read part 1 and part 2 if you missed them. My goal is to publish publicly available information about political candidates on a website I host, then redirect traffic from their campaign websites to mine. I’ve covered a few website […]



blog.lumension.com