By: - Independent Computer Security Analyst

@gcluley

Dirty sex website xHamster exploited in malvertising campaign

January 29th, 2015

For anyone thinks that they can get their sexual kicks surfing the seedier parts of the internet, rather than lurking about your city’s red light district, I’ve got some bad news for you. You can catch an infection in real life, and you can catch one on your computer too. xHamster, one of the world’s […]



By: - Dir. Solutions Marketing

Missing the Forest for the Trees: 2015 Data Protection Maturity Trends

January 28th, 2015

Today, in conjunction with the annual Data Privacy Day, Lumension released the 4th annual Data Protection Maturity Trends report. Based on a survey conducted in late 2014 of more than 700 IT security professionals from around the world, this report examines the issues and concerns facing IT security teams, how effective their data protection efforts […]



By: - Dir. Solutions Marketing

Ransomware: The Once and Future Storm?

January 27th, 2015

Lumension recently released the sixth annual State of the Endpoint Risk report [PDF], based on research by the Ponemon Institute. I’ve blogged about this report several times this year: you can find those posts here and here. This past week I was honored to present the results of this research alongside Dr. Larry Ponemon, in […]



By:

Is Your Organization a House of Cards – Part 3

January 26th, 2015

In my last 2 posts (part 1, part 2) I explained I will be walking you through the attack of an airline company in order to obtain credit card data I can sell. I’ve identified an airline, Lychee Air, flying out of Hangzhou Airport. I was able to use a not-so-public IP camera to watch […]



By: - Dir. Solutions Marketing

Infosec Haiku

January 25th, 2015

Anata no joho sekyuritei konshu no haiku State of the Endpoint Annual Report Now Out To Learn More, Go Here   ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is published. * Submit Your Own […]



By: - Dir. Solutions Marketing

Infosec Haiku

January 25th, 2015

Anata no joho sekyuritei konshu no haiku Data Privacy Day is Here Again – Have We Made Any Progress?   ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is published. * Submit Your Own … […]



By: - Independent Computer Security Analyst

@gcluley

Don’t be evil? Google discloses yet another zero-day vulnerability in Microsoft code

January 20th, 2015

For the third time in a month, Google has gone public about a security vulnerability in Microsoft’s code – and not been prepared to wait for the software giant to publish a patch. The security hole, which exists in Microsoft Windows 7 and 8.1 is expected to be patched in Microsoft’s regular monthly security update […]



By:

Is Your Organization a House of Cards – Part 2

January 19th, 2015

In my last post, I explained I will be walking you through the attack of an airline company in order to obtain credit card data I can sell. Now I have my project defined. The first step is to identify a target. Because I’m looking specifically for an airline, I can’t just start scanning ports […]



By: - Dir. Solutions Marketing

Infosec Haiku

January 19th, 2015

Anata no joho sekyuritei konshu no haiku US / UK Say National Security Needs Crypto Backdoors   ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is published. * Submit Your Own … if yours is […]



By: - Independent Computer Security Analyst

@gcluley

The EFF’s secure messaging scorecard. Which app will you use?

January 15th, 2015

We live in alarming times. Revelations by NSA whistleblower Edward Snowden woke many of us to up the risks posed by covert surveillance, and in just the last few days – following the ghastly events in Paris – UK Prime Minister David Cameron has called for secure communication apps to be made unlawful, or at […]



By: - Dir. Solutions Marketing

State of the Endpoint Identifies Risky Users as Top Threat

January 14th, 2015

For years, security pros have complained joked about over-zealous users who click on everything. With today’s release of the sixth annual State of the Endpoint study by Ponemon Institute, and commissioned by Lumension, the joke is reality for many and unfortunately it isn’t all that funny. Negligent and/or careless employees who do not follow security […]



By: - Director, Product Management

@russbernst

January is Update Your Microsoft Windows Month

January 13th, 2015

There are 8 total security bulletins for the first Patch Tuesday of 2015; 1 is rated critical and 7 are important. All of them impact Windows or Windows components; there are no specific Microsoft application updates. The good news is that there are just 8 CVEs to patch this month so it’s a 1 and […]



By:

Is Your Organization a House of Cards?

January 12th, 2015

Some data breaches get a lot of attention in the news. When a large amount of data is taken from a popular retailer or organization, it makes big news in the media, and law enforcement gets interested. They like to be seen investigating the biggest crimes so everyone thinks they are doing their job. On […]



By: - Dir. Solutions Marketing

Infosec Haiku

January 11th, 2015

Anata no joho sekyuritei konshu no haiku Need to Defend Our Critical Infrastructure Against Bad Guy Hacks!   ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is published. * Submit Your Own … if yours […]



By: - Independent Computer Security Analyst

@gcluley

Google shows hackers how to exploit Windows 8.1

January 5th, 2015

If I told that you that a bunch of hackers had found a zero-day vulnerability in Microsoft Windows 8.1 you would probably be concerned. Especially if details of the unpatched security bug had not only been made public, but actual working exploit code had also been released on the internet for anyone else to use. […]



IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us

blog.lumension.com