By: - Independent Computer Security Analyst

@gcluley

PayPal left red-faced after more security holes found in two factor authentication

August 6th, 2014

Just over a month ago, security researchers revealed that one of PayPal’s primary mechanisms to protect accounts from hackers had been fundamentally flawed for years. Researchers at Duo Security discovered a method of bypassing the two-factor authentication (2FA) technology used by the site, which is supposed to protect your account should your PayPal username and password […]



By: - Senior Architect

@danteal

People Are Your Last Line of Defense

April 29th, 2014

The increasing numbers of attacks profiled in news reports over the last several months demonstrate that we live in an unsecure world.  The Target breach in particular shows how important a complete cyber security program is to an enterprise network environment.  Target’s security systems generated events from the attack, but the events were not followed […]



By: - Dir. Solutions Marketing

Global Trends in Data Protection Maturity

January 30th, 2014

The other day, coinciding with Data Privacy Day, we presented the results of our 3rd annual Data Protection Maturity survey. Here’s a quick recap. In late 2013 we conducted an online worldwide survey of IT professionals to find out how much progress is being made in data protection. We had almost 400 completed responses from […]



By: - IT Secured. Success Optimized.

@_lumension

Today is International Data Privacy Day

January 28th, 2014

Lumension is a proud supporter of Data Privacy Day – an international effort hosted by the National Cyber Security Alliance to educate people on the importance of protecting their personal information and their employer’s data. Data is a valuable commodity and highly sought after by cyber criminals. Whether you are an employee at a small […]



By: - IT Security Expert, Author

@stiennon

Three Lessons Learned From the NSA’s Use of Big Data and Security Analytics

August 14th, 2013

Security analytics is the term being applied to the new methods being developed to counter sophisticated targeted attacks. The idea is simple but implementation requires skill sets that have yet to be acquired by most organizations. Gather as much data as possible, apply filters derived from security intelligence, and identify attacks in progress or already […]



By: - Forensics and Security Expert

@phenrycissp

The Danger of Open Access to University IP

July 22nd, 2013

When I saw last week’s New York Times story about the problems universities are experiencing with cyber attacks, my first thought was one of surprise. Wasn’t this kind of story published years ago? Hackers are opportunistic and universities pride themselves on providing free and open access to materials. Cyber attacks on research universities have been […]



By: - Technology Reporter

@jleclaire

To Layer or Integrate? That is the Question

June 27th, 2013

Indeed, the debate over whether to mix a myriad of tools and technologies to create a bulletproof shield that hackers can’t invade or to take an integrated approach to in-depth defense to combat persistent threats is ongoing. But more cyber security analysts are speaking out about the benefits of integration. Also known as layered defense, […]



By: - Forensics and Security Expert

@phenrycissp

Securing the Internet of Things

June 6th, 2013

Gone are the days when the Internet was something accessed only through a PC attached to an Ethernet plug. Access is now available from anywhere and via a multitude of form factors. The Internet has moved beyond the computer and even your smartphone into the most unlikely of things. Your TV, your thermostat, even your […]



By: - Former Chairman and CEO, Lumension

@pclawson

3 Executive Strategies to Prioritize Your IT Risk

May 22nd, 2013

Every company wants to know the best way to protect their company, but it can be difficult when faced with the evolving security challenges of today. I recently sat down with Richard Mason, VP & CSO at Honeywell, Roger Grimes, security columnist and author, to get their thoughts on risk management best practices. I hope […]



By: - Dir. Solutions Marketing

ZIP Codes Are … PII?!

April 15th, 2013

Mr. ZIP (or Zippy to his friends) was born back in July 1963 and the soon-to-be 50-year-old is finally getting some privacy … in Massachusetts at least. The Massachusetts Supreme Court recently determined that under Mass. Gen. Laws, ch. 93, § 105(a), “personal identification information” includes a consumer’s ZIP code and decided that collecting such […]


By: - Windows Security Subject Matter Expert

@randyfsmith

Anatomy of Reflective Memory Attacks

April 10th, 2013

Ophiocordyceps unilateralis is a parasitical fungus that, beginning with a microscopic spore, infects a certain species of ant using a series of attacks, one building on the other until it controls the ant’s brain for its own bidding.  The fungus can’t just land on the ant, consume it and reproduce.  It needs to get inside the ant […]


By: - Forensics and Security Expert

@phenrycissp

Embedded Chinese Malware – Theoretical Threat or Practical Issue?

April 4th, 2013

Before we begin discussing the issue of the theoretical or practical reality in the potential threat of the Chinese embedding malware in the computer equipment they manufacture, consider this: Just a few years ago who would have thought that any government (never mind our own) would have created malware to attack another government’s computer systems […]


By: - Former Chairman and CEO, Lumension

@pclawson

Are Journalists Sitting Ducks?

March 26th, 2013

Remember Mat Honan – a Wired reporter that covers consumer electronics? He had his entire digital life erased last summer. His Google account was deleted, his Twitter taken over, his iPhone, iPad and MacBook erased. How about the New York Times hack? Chinese hackers allegedly broke into the paper’s systems, stole passwords and watched reporters, […]


By: - IT Security Expert

Global 2013 Trends in Data Protection Maturity

March 25th, 2013

Protecting sensitive information has become increasingly difficult the last few years – if you haven’t recognized this fact and modified your security approach recently, you’ve got issues. One reason for this is the explosion of mobile devices on our networks. While convenient for our users and a significant productivity booster for our business, this new […]


By: - Information Security Reporter

@kevtownsend

Advanced Volatile Threat – Is an Old Threat the New New Threat?

March 19th, 2013

“In the meantime,” wrote [1] John Prisco, president and CEO of start-up firm Triumfant, “while our attention has been diverted towards APT1-style attacks, a more sophisticated and dangerous attack vector has emerged and will likely become more and more commonplace among cyber criminals: the Advanced Volatile Threat or AVT.” Chillingly he adds, “you’ve been warned.” […]



IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us

blog.lumension.com