By: - Dir. Solutions Marketing

Infosec Haiku

April 18th, 2015

Anata no joho sekyuritei konshu no haiku Java CPU Released This Week – 14 Bugs Squashed – Please Update Now!   ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is published. * Submit Your Own […]



By: - Independent Computer Security Analyst

@gcluley

Minecraft learns the hard way: It’s not good to ignore vulnerability reports

April 17th, 2015

If a security researcher finds a vulnerability in your software, please don’t ignore them. Instead, be grateful that someone who has found a flaw in your product has chosen to let you know about it, rather than selling it (for probably more cash than you’ll offer them as a bug bounty) to some nefarious ne’er-do-well […]



By: - Director, Product Management

@russbernst

Another Big Update for April Patch Tuesday

April 14th, 2015

Another high number of updates have been released by Microsoft this April Patch Tuesday – 11 security bulletins have been distributed in all; 4 of them are critical and 7 important. This is a follow-up to last month’s big Patch Tuesday with 14 bulletins. April will be an important month for your server team, with […]



By:

Hijacking Websites for Hacktivism (part 1)

April 13th, 2015

I mentioned in my last post about hacktivism that I had some future plans based on upcoming events. I’m confident enough in my plan that I’m going to share it here with you, of course leaving out a few specific details. If you want to avoid being the victim of a plan like this, then […]



By: - Dir. Solutions Marketing

Infosec Haiku

April 11th, 2015

Anata no joho sekyuritei konshu no haiku Beebone Is Sinkholed – Whitehats Take Evil Morphing Malware Down for Now   ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is published. * Submit Your Own … […]



By: - Independent Computer Security Analyst

@gcluley

Hackers break into Linux Australia server, plant malware, steal personal information

April 7th, 2015

Linux Australia has warned its members and conference attendees that their personal information may have fallen into the hands of online criminals, following a breach of the organisation’s servers. In a mailing list posting, Linux Australia Joshua Hesketh confirmed that a malicious hacker attacked the site between 04:00 and 06:00 local time on 22 March […]



By:

Have You Thought About Hacktivism?

April 6th, 2015

I know you are focused on stopping cyber crime, but have you thought about hacktivism at all? It may very well affect your organization in the future – if it hasn’t already. Who Are Hacktivist Targets? A surprising variety of organization types are victims of hacktivism. You might think that your organization is immune, or […]



By: - Dir. Solutions Marketing

Infosec Haiku

April 4th, 2015

Anata no joho sekyuritei konshu no haiku Dyre Wolf Banking Malware Is Robbing You Blind. Beware the Spear Phish!   ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is published. * Submit Your Own … […]



By: - Independent Computer Security Analyst

@gcluley

XSS flaws expose weaknesses on Amazon and UK newspaper websites

March 31st, 2015

Cross-site scripting (XSS) flaws are amongst the most commonly encountered security flaws found on websites, opening up opportunities for malicious hackers to hijack customer accounts, change users’ settings and phish login credentials. Unfortunately, it only requires a single web developer to make a mistake to open up opportunities which online criminals can exploit to launch […]



By:

Will Bar Mitzvah Be The Death Knell for RC4 Crypto?

March 30th, 2015

RC4 is an encryption algorithm designed by RSA in 1987. It was attractive then because it could be implemented in a few lines of code, and wasn’t computationally intensive. PC’s were 8088 or MC68000 based at the time, and 64K was enough RAM, remember? Even today RC4 has advantages. It runs fast on small devices, […]



By: - Dir. Solutions Marketing

Infosec Haiku

March 28th, 2015

Anata no joho sekyuritei konshu no haiku Twenty Percent of Top Sites Are Running Bad Code. Please Patch Your Site Now!   ### Notes ### * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’ve contributed their haikus … watch this space to see if yours is published. * Submit Your […]



By: - Independent Computer Security Analyst

@gcluley

Android users exposed to malware by installer hijacking vulnerability

March 27th, 2015

Security researchers have warned about a widespread vulnerability in Android devices, that could see attackers sneakily modify or entirely replace seemingly benign apps with malware, without users becoming aware. In other words, a user might attempt to install a legitimate version of “Angry Birds” but instead end up with a Flashlight app that’s harbouring malware. […]



By: - IT Secured. Success Optimized.

@_lumension

Introducing HEAT Software

March 20th, 2015

Jonathan Temple, President & CEO, HEAT Software. Our recent merger of Lumension and FrontRange marks an important new chapter in the evolution of service and unified endpoint management. The two companies are merging to form HEAT Software and I’m thrilled to be heading the newly formed organization as CEO. I should hasten to add that the […]



By: - Independent Computer Security Analyst

@gcluley

Brace yourself. Mystery OpenSSL high severity vulnerability due to be fixed on Thursday

March 18th, 2015

New versions of OpenSSL, the open-source software widely used to encrypt internet communications using SSL/TLS, are due to be released on Thursday, patching a series of security vulnerabilities. And one of those security vulnerabilities, according to the software’s developers, is considered “highly serious”. Details of the nature of the security flaws are currently non-existent, but […]



By:

To Patch or Not To Patch, Which is Riskier?

March 16th, 2015

Patching systems in an enterprise is a complex and risky activity. It’s extremely time-consuming if you do it right. It’s even more time consuming if you don’t do it right. And in either case, there is fallout to deal with after patching. The patches don’t get applied to some systems, some systems stop working after […]



IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us

blog.lumension.com