By: - Forensics and Security Expert

@phenrycissp

Near Real-Time Threat Intelligence in the Cloud

May 30th, 2013

Microsoft announced this week they will host known botnet malware infection information and other threat data in their Azure Cloud. This move will enable near-real-time threat data sharing and inarguably, this is a step in the right direction in our fight against the bad guys. ISPs and CERTs have received threat data via email from Microsoft [...]



By: - Forensics and Security Expert

@phenrycissp

Spider.io Warns of Massive IE Security Flaw; But is it Legit?

December 14th, 2012

‘Twas a week before Christmas and all through the house, not a creature was stirring. Not even your ad-tracked mouse. I have been reading posts on both sides of this mouse tracking issue (see here and here) and I am not yet convinced the sky is falling. This simply does not reach the level [...]



By: - Forensics and Security Expert

@phenrycissp

2011 Malware Trends

March 2nd, 2011

For those that were unable to attend the March 1 podcast on 2011 Malware Trends, here are a few of the key points with additional depth for each. By way of background, the market for stolen Internet information is saturated and things like credit card data and bank account credentials have become a cheap commodity [...]



By: - Sr. Director Solutions and Strategy

@donleatham

2011: The year “Social” Becomes the Botnet C&C Protocol of Choice

December 6th, 2010

Chances are very high that some computers in your organization have been silently infected by malware and are now part of a “botnet.” Chances are also high that you will never know it. “Stealth” has become the ultimate high-ground in the modern malware battleground. Undetectable communications and coordination between “zombie computers” has become the Holy [...]



By: - Forensics and Security Expert

@phenrycissp

Sesame Street Simple Facebook Guide to Surviving Malicious Attacks

October 30th, 2009

It certainly seems that not a week goes by without hearing about yet another attack on Facebook users. Last week it was a phishing scam driven by a botnet, and this week, we have two new and different phishing scams — one cleverly tricking users into revealing their passwords and another installing malware that quietly [...]



By: - Forensics and Security Expert

@phenrycissp

Twitter XSS Vulnerability Continues to Plague the Internet

August 27th, 2009

The current Twitter cross-site-scripting vulnerability (Twitter XSS vulnerability) should not be a surprise to anyone given how new the Twitter platform is.  For millions of its users including myself, we have all seen our fair share of bugs and issues such as Twitter downtime for maintenance, lost profile pictures, misdelivered direct messages and publicly revealed [...]



By: - Forensics and Security Expert

@phenrycissp

Firefox Users Join the Legions of Victims in Drive-By Malware

July 16th, 2009

Not so long ago, if you wanted to quickly take control of a user’s PC, you scanned the Internet looking for open ports for a vulnerable victim and hacked them with an OS vulnerability. In the age of Web 2.0, OS vulnerabilities have been replaced with browser vulnerabilities as the “keys to the kingdom,” and [...]



By: - Forensics and Security Expert

@phenrycissp

MyDoom Virus Returns with a Vengeance – DDoS Attacks on US and S. Korean Web Sites

July 8th, 2009

An updated virus (MyDoom), not a botnet, is responsible for the DDoS attacks against US and South Korean websites this past weekend. The virus, discovered back in 2004, has been updated to now include a list of websites that have become targets of a DDoS attack as the virus spreads. The list of Web sites [...]



By: - Forensics and Security Expert

@phenrycissp

Profile of the World’s Top Hackers – How the Game has Changed

July 1st, 2009

My take: New Internet-based technologies bring new opportunities for the bad guys. The growth of the applications we use has gone from dozens to nearly 1,000. The losses are huge, and while the top-line number is disputable, no one can argue that cybercrime losses have reached previously unforeseen levels. Regardless of whose survey you read, [...]



By: - Dir. Solutions Marketing

Chris’ Security Cache Contemplation: Week 4

June 18th, 2009

Miscellaneous interesting news / tidbits I’ve run across whilst trying to keep up with/clean out my RSS feed … Cyberczar. Lots of discussion about the “Cyber Czar” appointment in the US (apparently the EU is contemplating something similar) … who is it going to be? [some are suggesting Scott Charney, head of Microsoft's cybersecurity division] [...]


By: - Forensics and Security Expert

@phenrycissp

Bigger, Nastier Botnets: Now Cheaper to Rent on the Black Market

June 15th, 2009

According to a recent advertisement posted to the user comment areas of multiple blog sites across the Internet, the cost to rent a botnet to launch Distributed Denial of Service (DDoS) attacks has fallen dramatically. One has to wonder if it is the current state of the economy or simply the expansion of the [...]


By: - Forensics and Security Expert

@phenrycissp

Meet Gumblar – Son of Conficker

June 1st, 2009

Back in 2008, it was reported that a website was compromised once every five seconds to contain web-borne malware. Today, the rate is still increasing, as another website is reportedly now being compromised every 4.5 seconds. The end game remains the same – downloading and installing malware.  The compromised PC most often becomes a soldier in [...]


By: - Dir. Solutions Marketing

Big Macca Attacka

May 5th, 2009

Wasn’t it Jerry Rubin, founding member of the Yippie movement and famous member of the Chicago 7, who once told us “don’t trust anybody over 30”? [ed: well, no; actually, it was Jack Weinberg.] Of course, this famous counter-culture saying from the 60′s was later changed to “don’t trust anyone under 30” (subject of this [...]


By: - Forensics and Security Expert

@phenrycissp

Nasty Virus / Trojan Lurking in the Wild

April 27th, 2009

With Conficker still fresh on our minds, a new potential menace has emerged.  The remote access capability of a Trojan that spreads like a Virus – W32.Virut.CF (Symantec) or W32/Scribble-A (Sophos) is poised to wreak havoc on networks over the coming days.  Embedding itself deep within infected machines, the Trojan will make it difficult to [...]


By: - Forensics and Security Expert

@phenrycissp

IT Pros Face Vulnerabilities Galore Post RSA Conference

April 27th, 2009

While IT pros were attending RSA Security Conference in San Francisco last week, several urgent patches and upgrades were released to address serious security vulnerabilities in several widely used software. Further, the discovery of a botnet tied explicitly to Mac PCs is a not so subtle reminder that security vulnerabilities are not simply a Microsoft issue. Apple “iBotnet” – [...]




blog.lumension.com