Eliminating Java Will Not Solve Your Problem
March 6th, 2013
While many are jumping on the ‘Death to Java’ bandwagon and ranting about turning off Java to eliminate risk, it is important to put the issue in the proper context: the reality of the matter is a Java vulnerability is not the end game for a cyber criminal; it is merely a delivery mechanism in [...]
Why the Bit9 Hack is Not a Failure of Application Control, Whitelisting
February 19th, 2013
There’s never a dull day in the security industry. Anymore, we rarely have to look beyond the proverbial front page for news on the latest hack. Cyber attacks are increasing in volume and sophistication and no one is immune. Two weeks ago, my preferred grocery store here in Phoenix announced they had been breached. And [...]
The New York Times Breach: Why AV Failed, What They Should Have Done and What We Accomplish by Letting Them Stay Inside
February 1st, 2013
In yet another example in the saga of personalized malware from foreign nations, specifically China, The New York Times reported Wednesday that the Chinese had carried out an extensive malware campaign against the newspaper giant for the past four months. With this news, we see once again stand alone, signature-based defenses are completely ineffective, especially [...]
Ransomware is Back with a Vengeance and Targeting Business
December 27th, 2012
Ransom-ware has matured since it was first seen in 1989 with the PC Cyborg Trojan. Today, it is big business for cyber criminals; and for good reason. A September article reported cyber criminals could earn between $50,000 and $60,000 a day by focusing their efforts on just a couple of countries. The severity of ransom-ware’s [...]
APTs and Acquisition
November 6th, 2012
You’d have to be living under a rock to not have heard about the recent rise in targeted attacks. From oil operators in the Middle East to financial institutions in the U.S., advanced persistent threats, APTs, have grown exponentially. Yes, they are a problem for big, global brands but should smaller organizations concern themselves with [...]
What the Security Features of Apple’s Mountain Lion Mean for the Enterprise
June 14th, 2012
The 2012 Apple World Wide Developers’ Conference saw the release of many new Apple products, including a sneak peek of the long-anticipated OS, Mountain Lion. The new release shows that Apple has taken one step forward in what will be a long security road. While it’s a good start, they are still miles behind Microsoft [...]
By: Paul Zimski - IT Security Expert
Closing the Antivirus Protection Gap
May 16th, 2012
With 50% of IT endpoint operating costs now attributable to malware, is reliance on antivirus as the keystone endpoint security measure the best approach? Instinct tells us no but to be sure, Lumension recently did a comparative analysis on the effectiveness of standalone AV and O/S resident patching solution versus newer technologies, including application whitelisting, [...]
By: Chris Merritt - Dir. Solutions Marketing
DNSChanger Trojan: Not All Doom and Gloom
May 9th, 2012
If your server(s) have been infected by the DNSChanger Trojan and you’ve not done anything about it, time is running out. You have until July 9, 2012 to get your systems fixed, or you’ll lose internet access until you do. This insidious little Trojan – variously known as TDSS, Alureon, TidServ, and TDL4 malware – [...]
By: Chris Merritt - Dir. Solutions Marketing
Application Whitelisting: Key Protection Against Targeted Cyber Attacks
August 1st, 2011
The Australian Department of Defence recently updated their Strategies to Mitigate Targeted Cyber Intrusions guidelines, and I think it warrants a little discussion. The relatively short (only two pages!) document from the Cyber Security Operation Centre (CSOC) – part of the Defence Signals Directorate (DSD) – is based on their experience in operational cyber security, [...]
2011 Has Potential to be a Really Bad Year
April 20th, 2011
If we look at how 2010 ended there is perhaps good reason for IT security pros to already be nervous in 2011. According to the end of year report from IBM X-Force, at least 44% of all vulnerabilities disclosed in 2010 had no corresponding patch by end of year. Not only do we have to [...]
FREE Scanner
Free eBook
Over 80% of IT Directors say that mobile devices represent a security threat.
