By: - Independent Computer Security Analyst


Who Does China Blame for a Third of All Cyber Attacks Against It? The USA

March 31st, 2014

A few years ago, in what we call the BS era (“Before Snowden”), there were frequent accusations levelled against China for attempting to hack into foreign country’s computer systems and steal information. And, to be fair, there was often good reason to suspect that some attacks were conducted with the endorsement of the Beijing authorities. [...]

By: - IT Security Expert

Employ a Targeted Defense Against Targeted Threats

November 11th, 2013

In my last post, I discussed the reality of APT hitting unsuspecting organizations with a predictable pattern. Study after study indicates people are being hit by malicious hackers and the attack goes on for months before anyone is any the wiser. If they ever know. Some very large companies, with hundreds of business units and [...]

By: - IT Security Expert

The Predictable Pattern of APTs

November 6th, 2013

It used to be that only large, Fortune 500-sized businesses had to worry about targeted threats, or APTs. Today, it’s a whole new ballgame. Sophisticated, malicious hackers use focused resources for small- and medium-sized companies too. Everyone is a target and your risk is multiplied if you do business with important partners and business associates [...]

By: - Chairman and CEO, Lumension


NIST Releases Preliminary Cybersecurity Framework for Critical Infrastructure

October 23rd, 2013

In February, President Obama signed an Executive Order that called for increased cyber-threat information sharing between government and private companies who oversee our country’s critical infrastructure. The goal was to break down the barriers that cause privately-managed critical infrastructure companies to work independently of the government groups that could create a repository of intel on [...]

By: - Chairman and CEO, Lumension


Social Media: the Bad Guys’ Perfect Playground

October 1st, 2013

October marks the 10th anniversary of National Cyber Security Awareness Month, a public education campaign spearheaded by our colleagues at the National Cyber Security Alliance. It’s somewhat disheartening to consider the lack of progress made in cyber security over the last 10 years; cyber criminals continue to wreak havoc stealing personal identities, corporate IP, and [...]

By: - Technology Reporter


Malware Going Rogue

September 16th, 2013

A quick scan of news headlines shows the practical side of cybercrime. As you read this, a fake “Grand Theft Auto V’ torrent is racing to spread its infectious payload. An Advanced Persistent Threat (APT) called NetTraveler is doing its dirty work, most recently via a known Java vulnerability. Fake Xerox emails are delivering malware [...]

By: - Chairman and CEO, Lumension


Advice for the Incoming DHS Secretary

September 12th, 2013

A few weeks after retiring Department of Homeland Security Secretary Janet Napolitano gave a farewell speech, we are still unclear on her replacement unfortuntely. In that departure speech, Napolitano advised her successor “You will need a large bottle of Advil.” Given the DHS Secretary is responsible for dealing with everything from natural disasters to terrorists attacks, [...]

By: - Forensics and Security Expert


Apple Fingerprint Scanner: Game Changer or Game Over?

September 11th, 2013

Apple’s announcement of the company’s new iPhone 5S comes equipped with a fingerprint scanner has the potential to be a real game changer for personal device security – if it’s done right. There are two factors that will determine the real success of this new feature, which has undeniable potential. First, reliability and second, security – though [...]

By: - IT Security Expert, Author


Three Lessons Learned From the NSA’s Use of Big Data and Security Analytics

August 14th, 2013

Security analytics is the term being applied to the new methods being developed to counter sophisticated targeted attacks. The idea is simple but implementation requires skill sets that have yet to be acquired by most organizations. Gather as much data as possible, apply filters derived from security intelligence, and identify attacks in progress or already [...]

By: - Dir. Solutions Marketing

Beware of the Crapper Hacker

August 5th, 2013

News late last week from Trustwave of a security vulnerability in a new line of Japanese toilets. And while funny in its own way, it does serve as a warning for manufacturers and consumers alike as we move into an even more connected world. As everyone probably knows, Japanese toilets are a modern technological marvel. [...]

By: - Forensics and Security Expert


The Danger of Open Access to University IP

July 22nd, 2013

When I saw last week’s New York Times story about the problems universities are experiencing with cyber attacks, my first thought was one of surprise. Wasn’t this kind of story published years ago? Hackers are opportunistic and universities pride themselves on providing free and open access to materials. Cyber attacks on research universities have been [...]

By: - Chairman and CEO, Lumension


Hacking the Hacker: The Downside to Vigilante Justice

July 2nd, 2013

Imagine you woke up one morning to find all of your possessions gone. Someone broke into your house in the dead of night and stole all of your things. You don’t know how they did it or who it was, but the fact remains: your stuff is gone. You might step outside, see the broken [...]

By: - Information Security Reporter


Compliance Is Bad for Security

June 18th, 2013

There are two separate approaches to keeping data safe: compliance and security. The first is a legal/regulatory obligation; the second is not. If you ask a compliance author, whether that’s a government legislator or a bureaucratic regulator, what is the purpose of compliance, the reply will be ‘to ensure security.’ If you ask the same [...]

By: - Forensics and Security Expert


Securing the Internet of Things

June 6th, 2013

Gone are the days when the Internet was something accessed only through a PC attached to an Ethernet plug. Access is now available from anywhere and via a multitude of form factors. The Internet has moved beyond the computer and even your smartphone into the most unlikely of things. Your TV, your thermostat, even your [...]

By: - Chairman and CEO, Lumension


CISPA, FISMA Passed the House. Now What?

April 24th, 2013

CISPA, the Cyber Intelligence Sharing and Protection Act, passed the US House of Representatives late last week and will move to the Senate for further debate. If this rings a bell, it should. Last summer, CISPA passed the House before stalling in the face of a Senate filibuster. Of course, it was not the only [...]

IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us