By: - Independent Computer Security Analyst


Patching Haste Makes Waste

February 20th, 2015

Sometimes it’s better if software patches don’t come out too quickly. Such was the case when Microsoft issued its regular round of Patch Tuesday updates earlier this month, leaving some unhappy. Some PowerPoint users, for instance, found that a fix designed to make PowerPoint 2013 more stable was actually causing more problems than it aimed to […]

By: - Director, Product Management


Patch Management with Microsoft System Center

May 20th, 2014

Compliance and patch management is important, even for Linux and UNIX computers. Starting with System Center 2012 SP1, you can deploy and update software on Linux and UNIX servers using Configuration Manager, but how do Configuration Manager features translate into compliance and patch management? This session explores several solutions to patching Linux/UNIX servers, taking a […]

By: - Independent Computer Security Analyst


Isn’t It Time Oracle Gave Us Monthly Security Updates for Java?

March 24th, 2014

In some ways, it could be argued that Java is an incredible success. I’m serious. Stop laughing at the back. You see, according to Oracle, Java’s developer, the product is used on over 3 billion different devices worldwide. That *is* impressive. But, for those of us concerned with securing systems and keeping computer data safe, […]

A Win-Win for Missouri S&T

September 5th, 2013

Missouri University of Science & Technology faces a set of challenges many post-secondary organizations similarly face. On one side of the problem set, we have a whole fleet of student-owned endpoint devices—over 7,000—connecting to the network without any kind of centralized management because the university only has the means to manage campus-owned systems. On the […]

By: - Forensics and Security Expert


Nothing Pretty About Fireworks Delivered From Microsoft This Patch Tuesday

July 9th, 2013

IT admins may have taken the Fourth off to enjoy some fireworks, but they’ll be very busy this week patching their systems. It’s not a pretty Patch Tuesday this month with 7 bulletins, 6 of which are critical. That brings our total of critical bulletins for the year to 22, which is fairly high, considering […]

By: - Dir. Solutions Marketing

Much Ado About Java

June 12th, 2013

So, have you seen the latest about Java? Seems most organizations are still running (really) old versions. And even the current version has what is technically known as a shit-ton of zero-day vulnerabilities. And so Oracle is changing their vulnerability numbering system to accommodate all of them, in addition to taking other steps surrounding Java […]

By: - Windows Security Subject Matter Expert


Growing Threat From Vendors’ Friendly Fire

October 15th, 2012

After we learned that Flame exploited Microsoft’s Auto Update infrastructure, I pointed out that if attackers were able to compromise Microsoft, a leader in patch management, it couldn’t be long before bad guys exploited the update infrastructures of other vendors who are far behind Microsoft – like Adobe…  And that’s exactly what happened a couple […]

By: - Dir. Solutions Marketing

DNSChanger Trojan: Not All Doom and Gloom

May 9th, 2012

If your server(s) have been infected by the DNSChanger Trojan and you’ve not done anything about it, time is running out. You have until July 9, 2012 to get your systems fixed, or you’ll lose internet access until you do. This insidious little Trojan – variously known as TDSS, Alureon, TidServ, and TDL4 malware – […]

By: - Forensics and Security Expert


Is BackDoor.Flashback.39 Trojan Going to be Apple’s Conficker?

April 9th, 2012

With 274 of the 600,000 infected Mac’s now being reported as being in Cupertino – Apple’s hometown – maybe they will feel a little of the pain their users are now feeling and get serious about being more candid and perhaps more revelaing in their patch release notifications. Calculating the number of infected Macs this […]

By: - IT Security Expert

Life After an Attack

September 9th, 2011

Hackers never sleep–as Citigroup can certainly attest to, having their consumer information twice hacked in a span of only three months. While we are counting sheep, the bad guys are of course looking for a way in, lurking and waiting for a vulnerable minute to strike. And all too often, this happens to organizations that […]

By: - Dir. Solutions Marketing

USBs: Unsafe at Any Speed?

August 12th, 2011

I always enjoy hearing about our venerable events in the popular press – sometimes they’re yuk-inducing, like this bit on Marketplace about their reporter asking about getting WiFi at Black Hat 2011 (see here or listen here for the whole piece). And although I did not attend, I’ve been trying to catch up on some […]

By: - Forensics and Security Expert


April Showers Bring May Flowers, and Patch Tuesday is No Exception

May 10th, 2011

Last month it poured when Microsoft released 17 security bulletins that addressed a total of 64 vulnerabilities. For today’s Patch Tuesday, we have a light load; however, both patches address remote code execution and one is critical.  So both require immediate attention. The critical patch MS11-035 Vulnerability in WINS addresses an issue with all supported […]

By: - Former Chairman and CEO, Lumension


Playing the Security Game? Think Before Simply Clicking ‘Renew’

April 26th, 2011

If your organization is anything like the companies we’ve been speaking with, then you know first-hand the headache and ongoing challenge that the rising cost of malware has created. In fact, 48 percent of organizations recently reported an increase in their IT operating expenses, according to the 2010 Ponemon Institute study commissioned by Lumension. Significantly, […]

By: - Forensics and Security Expert


2011 Has Potential to be a Really Bad Year

April 20th, 2011

If we look at how 2010 ended there is perhaps good reason for IT security pros to already be nervous in 2011. According to the end of year report from IBM X-Force, at least 44% of all vulnerabilities disclosed in 2010 had no corresponding patch by end of year. Not only do we have to […]

By: - Forensics and Security Expert


Microsoft Prepares Out Of Band Patch For “Globe Trotting” LNK File Issue

July 30th, 2010

As more malware writers began to incorporate the Microsoft LNK issue (CVE-2010-2568) into their malicious code, Microsoft last week published a workaround and is […]

IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us