By: - IT Security Expert

Avoiding the User Blame Game

October 10th, 2013

It might not be part of any formal forensics or incident response policy, but odds are at most organizations, whenever a malicious hacking attack hits the mark there’s one step rarely missed: blaming the user. Users do some boneheaded things sometimes so pointing the finger at them is easy. But the truth is if IT […]



By: - Forensics and Security Expert

@phenrycissp

Securing the Internet of Things

June 6th, 2013

Gone are the days when the Internet was something accessed only through a PC attached to an Ethernet plug. Access is now available from anywhere and via a multitude of form factors. The Internet has moved beyond the computer and even your smartphone into the most unlikely of things. Your TV, your thermostat, even your […]



By: - Chairman and CEO, Lumension

@pclawson

Big Brother is Listening Too – Are Journalists Sitting Ducks Part II

May 29th, 2013

Since writing “Are Journalists Sitting Ducks?” a few months back in response to the New York Times being targeted by Chinese hackers, several more high profile news organizations have been hacked including The Onion, AP, Financial Times and BBC. It’s apparent this trend is not going away any time soon. To add insult to injury, […]



By: - Technology Reporter

FBI Apple AntiSec Chess Match

September 12th, 2012

The denials by the FBI and Apple that unique device identifiers (UDIDs) of Apple devices were breached would seem to put to rest Anonymous spinoff AntiSec’s claim that it was able to steal 12 million UDIDs from Special Agent Christopher Stangl’s notebook computer. Right? Not so fast. A number of media outlets have confirmed with […]



By: - Dir. Solutions Marketing

Change Your LinkedIn Password – Now!

June 6th, 2012

LinkedIn – the online professional networking site which I suspect many Optimal Security blog readers use – has apparently been hacked, resulting in something like 6.5M SHA-1 hashed passwords being posted in a Russian hacker site. This evolving situation will certainly be updated through-out the day (and beyond), so I don’t want to recap the […]



By: - Dir. Solutions Marketing

Novel New USB Attack

July 19th, 2010

News about a new attack via USB flash drive, known as Stuxnet.B, is surfacing. The Belarusian antivirus company VirusBlokAda recently discovered it and published a report on it. There are several points about this attack which make it both novel and unique, even though infection / propagation via USB flash drives is very common. To […]



By: - Dir. Solutions Marketing

HITECH Breach Data: the Good, the Bad, and the Ugly

March 1st, 2010

As I’ve discussed before, one of the requirements of the HITECH Act is for the Secretary of the Department of Health & Human Services (HHS) to publish a list of all breaches of healthcare data covered by the HIPAA security rule on a yearly basis. The first such publication has been made, covering the period […]



By: - Sr. Director Solutions and Strategy

@donleatham

“Security” on the WSJ Front Page – A Cautionary Tale

January 15th, 2010

Having a security problem on the front page of the Wall Street Journal is never a good thing for the companies involved, but it can be instructive for everyone else.Unfortunately, many will ignore the high-profile coverage of China’s spear phishing attack on Google, Adobe and over thirty other businesses.They will think that this is a […]



By: - Sr. Director Solutions and Strategy

@donleatham

“Micro-Botnet” – The Cybercriminal’s Choice for Enterprise Data Stealing?

September 28th, 2009

Last winter and spring we all watched with interest the headlines heralding the spread of the Confickr botnet.  The under-reported part of the story was that fact that well-patched enterprise networks were largely unaffected by Confickr’s bloom.  In some circles, this seems to have lead to a complacency or belief that botnet infections are not […]



By: - Chairman and CEO, Lumension

@pclawson

Breaking Down the Military Fiefdoms by Building a “Fifth Arm” to Combat Cyber Security

August 4th, 2009

The recent attacks on U.S. and South Korean IT infrastructure has once again raised awareness around national cybersecurity issues here in the States. While I certainly agree with my security colleagues that it is high time that President Obama finally appoint a cybersecurity czar to head up the overarching public-private initiatives that have been promised, […]


By: - Dir. Solutions Marketing

Chris’ Security Cache Contemplation: Week 6

July 6th, 2009

A quick note on some interesting news/tidbits I’ve run across whilst trying to keep up with/clean out my RSS feed before I head out for the 4th of July weekend… The Iceman Goeth. Saw where Max Ray Vision (nee Butler), aka “Iceman,” has plead guilty to two counts of wire fraud stemming from the theft […]


By: - Forensics and Security Expert

@phenrycissp

July 2009 Spells Twitter Bugs for Its Users

June 22nd, 2009

Security researchers have long used dedicated reporting websites to highlight the need to secure specific applications or services by hosting hacking challenges for members of the research and hacking communities to publicly post discovered vulnerabilities. The latest challenge called “Twitpwn” will highlight newly discovered vulnerabilities and proof of concept code that involve Twitter, a micro-blogging site, but will […]


By: - Dir. Solutions Marketing

Chris’ Security Cache Contemplation: Week 4

June 18th, 2009

Miscellaneous interesting news / tidbits I’ve run across whilst trying to keep up with/clean out my RSS feed … Cyberczar. Lots of discussion about the “Cyber Czar” appointment in the US (apparently the EU is contemplating something similar) … who is it going to be? [some are suggesting Scott Charney, head of Microsoft's cybersecurity division] […]


By: - Forensics and Security Expert

@phenrycissp

New Microsoft IIS 6 Issue Could Become a Nightmare for IT Professionals

May 19th, 2009

While Microsoft may believe that its Internet Information Services 6 Web-server software issues are only limited to a data leakage issue and not necessarily a larger immediate threat, Microsoft should consider other aspects of this issue and accelerate a solution to protect the community at large. The Bigger Picture At first glance, the issue with […]


By: - Chairman and CEO, Lumension

@pclawson

The State of Digital Cyber Warfare: What’s Next?

May 15th, 2009

A Q&A with Pat Clawson and Mike Jacobs As the nation’s cyber defenses continue to face attack by sophisticated, well-organized efforts to disrupt vital systems and steal critical, confidential information, our government is facing greater pressure to create a governing body that can establish and enforce mandates to protect critical networks and systems. Cyber criminals have […]



IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us

blog.lumension.com