By: Chris Merritt - Dir. Solutions Marketing
Much Ado About Java
June 12th, 2013
So, have you seen the latest about Java? Seems most organizations are still running (really) old versions. And even the current version has what is technically known as a shit-ton of zero-day vulnerabilities. And so Oracle is changing their vulnerability numbering system to accommodate all of them, in addition to taking other steps surrounding Java [...]
Growing Threat From Vendors’ Friendly Fire
October 15th, 2012
After we learned that Flame exploited Microsoft’s Auto Update infrastructure, I pointed out that if attackers were able to compromise Microsoft, a leader in patch management, it couldn’t be long before bad guys exploited the update infrastructures of other vendors who are far behind Microsoft – like Adobe… And that’s exactly what happened a couple [...]
By: Chris Merritt - Dir. Solutions Marketing
DNSChanger Trojan: Not All Doom and Gloom
May 9th, 2012
If your server(s) have been infected by the DNSChanger Trojan and you’ve not done anything about it, time is running out. You have until July 9, 2012 to get your systems fixed, or you’ll lose internet access until you do. This insidious little Trojan – variously known as TDSS, Alureon, TidServ, and TDL4 malware – [...]
Is BackDoor.Flashback.39 Trojan Going to be Apple’s Conficker?
April 9th, 2012
With 274 of the 600,000 infected Mac’s now being reported as being in Cupertino – Apple’s hometown – maybe they will feel a little of the pain their users are now feeling and get serious about being more candid and perhaps more revelaing in their patch release notifications. Calculating the number of infected Macs this [...]
By: Paul Zimski - IT Security Expert
Life After an Attack
September 9th, 2011
Hackers never sleep–as Citigroup can certainly attest to, having their consumer information twice hacked in a span of only three months. While we are counting sheep, the bad guys are of course looking for a way in, lurking and waiting for a vulnerable minute to strike. And all too often, this happens to organizations that [...]
By: Chris Merritt - Dir. Solutions Marketing
USBs: Unsafe at Any Speed?
August 12th, 2011
I always enjoy hearing about our venerable events in the popular press – sometimes they’re yuk-inducing, like this bit on Marketplace about their reporter asking about getting WiFi at Black Hat 2011 (see here or listen here for the whole piece). And although I did not attend, I’ve been trying to catch up on some [...]
April Showers Bring May Flowers, and Patch Tuesday is No Exception
May 10th, 2011
Last month it poured when Microsoft released 17 security bulletins that addressed a total of 64 vulnerabilities. For today’s Patch Tuesday, we have a light load; however, both patches address remote code execution and one is critical. So both require immediate attention. The critical patch MS11-035 Vulnerability in WINS addresses an issue with all supported [...]
Playing the Security Game? Think Before Simply Clicking ‘Renew’
April 26th, 2011
If your organization is anything like the companies we’ve been speaking with, then you know first-hand the headache and ongoing challenge that the rising cost of malware has created. In fact, 48 percent of organizations recently reported an increase in their IT operating expenses, according to the 2010 Ponemon Institute study commissioned by Lumension. Significantly, [...]
2011 Has Potential to be a Really Bad Year
April 20th, 2011
If we look at how 2010 ended there is perhaps good reason for IT security pros to already be nervous in 2011. According to the end of year report from IBM X-Force, at least 44% of all vulnerabilities disclosed in 2010 had no corresponding patch by end of year. Not only do we have to [...]
Microsoft Prepares Out Of Band Patch For “Globe Trotting” LNK File Issue
July 30th, 2010
As more malware writers began to incorporate the Microsoft LNK issue (CVE-2010-2568) into their malicious code, Microsoft last week published a workaround and is [...]
FREE Scanner
Free eBook
Over 80% of IT Directors say that mobile devices represent the greatest network security threat.
