Hiding Under the Covers
May 15th, 2013
“All warfare is based on deception” – Sun Tzu, The Art of War
Attackers like stealth. Once they have compromised a system, one of their primary goals is to remain undetected. Initially, attackers used malware with pseudo Windows service names such as svchosts.exe, winlogin.exe, lsasss.exe, and others. Although these names appear to be innocuous, power [...]
BYOD or BYOT (Bring Your Own Threat)…The Case for Mobile Devices as Endpoints
May 7th, 2013
Lumension recently conducted a survey of more than 1,600 IT professionals on LinkedIn regarding their thoughts on BYOD and mobile security. You can check it out here. There is a lot of interesting information in this survey, and one of the main takeaways was that, for these respondents’ organizations, BYOD is really all about end-user satisfaction [...]
Changeup Information Sharing
May 6th, 2013
We were talking with the CIO of a major healthcare company the other day who told us that his day had gone sideways because of the re-emergence of the ChangeUp worm / Trojan. This was news to me. I mean, yes, I’m a little behind in my reading, but I’d not heard much about ChangeUp [...]
New School Cyber Crooks Using Old School Malware Tricks
April 29th, 2013
You can teach old crooks new tricks, but many cyber criminals are discovering that the old tricks are working just fine. Indeed, recent security headlines feature old school malware attacks, like the MiniDuke. And old school botnets with creative new names are bum rushing the Internet. At the same time, reflective memory injection (RMI) attacks, which blend [...]
Anatomy of Reflective Memory Attacks
April 10th, 2013
Ophiocordyceps unilateralis is a parasitical fungus that, beginning with a microscopic spore, infects a certain species of ant using a series of attacks, one building on the other until it controls the ant’s brain for its own bidding. The fungus can’t just land on the ant, consume it and reproduce. It needs to get inside the ant [...]
Embedded Chinese Malware – Theoretical Threat or Practical Issue?
April 4th, 2013
Before we begin discussing the issue of the theoretical or practical reality in the potential threat of the Chinese embedding malware in the computer equipment they manufacture, consider this: Just a few years ago who would have thought that any government (never mind our own) would have created malware to attack another government’s computer systems [...]
Advanced Volatile Threat – Is an Old Threat the New New Threat?
March 19th, 2013
“In the meantime,” wrote [1] John Prisco, president and CEO of start-up firm Triumfant, “while our attention has been diverted towards APT1-style attacks, a more sophisticated and dangerous attack vector has emerged and will likely become more and more commonplace among cyber criminals: the Advanced Volatile Threat or AVT.” Chillingly he adds, “you’ve been warned.” [...]
9 Mistakes APT Victims Make
March 13th, 2013
A couple years ago, Bruce Schneier said that against an APT attacker, “the absolute level of your security is what’s important. It doesn’t matter how secure you are compared to your peers; all that matters is whether you’re secure enough to keep him out.” Those words have proven true over and over again. APT attackers [...]
Eliminating Java Will Not Solve Your Problem
March 6th, 2013
While many are jumping on the ‘Death to Java’ bandwagon and ranting about turning off Java to eliminate risk, it is important to put the issue in the proper context: the reality of the matter is a Java vulnerability is not the end game for a cyber criminal; it is merely a delivery mechanism in [...]
Why the Bit9 Hack is Not a Failure of Application Control, Whitelisting
February 19th, 2013
There’s never a dull day in the security industry. Anymore, we rarely have to look beyond the proverbial front page for news on the latest hack. Cyber attacks are increasing in volume and sophistication and no one is immune. Two weeks ago, my preferred grocery store here in Phoenix announced they had been breached. And [...]









