By: - Dir. Solutions Marketing

July Java Jamboree

July 15th, 2014

The latest Critical Patch Update (CPU) from Oracle has been released today. Based on the pre-release information, the July 2014 CPU contains 113 new security vulnerability fixes, covering everything from its flagship database and Fusion Middleware to Hyperion and Solaris. [See update below.] Of particular interest to endpoint administrators will be the 20 vulnerabilities in […]



By: - Independent Computer Security Analyst

@gcluley

Java on XP?

July 14th, 2014

Is it still supported, and what should you do about it? Well done to Oracle, which has successfully managed to confuse everyone about what the situation is regarding whether Java (a development platform with a long history of security holes) will continue to be properly supported on Windows XP (an operating system with a long […]



By: - Dir. Solutions Marketing

Much Ado About Java

June 12th, 2013

So, have you seen the latest about Java? Seems most organizations are still running (really) old versions. And even the current version has what is technically known as a shit-ton of zero-day vulnerabilities. And so Oracle is changing their vulnerability numbering system to accommodate all of them, in addition to taking other steps surrounding Java […]



By: - Forensics and Security Expert

@phenrycissp

Before, During and After Patch Tuesday: A Survival Guide

August 13th, 2012

It’s been said that there are only two types of companies left in the world: those who know they’ve been hacked and those who don’t. We have to hope that there’s still a third group: those who have not been hacked. You can be sure those who belong to the third group are those who […]



By: - Forensics and Security Expert

@phenrycissp

Keys to the Kingdom

October 28th, 2011

For hackers, social media is the top malware delivery vehicle of choice right now. And why not? Social networking sites are where the people are – and their information is readily available. Sadly, many unsuspecting people fail to realize that by creating a Facebook page, they are literally handing bad guys all the necessary needed […]



By: - Dir. Solutions Marketing

Novel New USB Attack

July 19th, 2010

News about a new attack via USB flash drive, known as Stuxnet.B, is surfacing. The Belarusian antivirus company VirusBlokAda recently discovered it and published a report on it. There are several points about this attack which make it both novel and unique, even though infection / propagation via USB flash drives is very common. To […]



By: - Forensics and Security Expert

@phenrycissp

May 2010 Patch Tuesday Security Briefing

May 12th, 2010

video

Microsoft has released two security bulletins this month, MS10-030 and MS10-031 to address two vulnerabilities in Microsoft Windows and Microsoft Office, both rated Critical. As both bulletins are rated as critical, they will both demand a high priority in their deployment across the enterprise. For more information on Microsoft and other vendor patches, please visit […]



By: - Forensics and Security Expert

@phenrycissp

Light Patch Tuesday as New Antivirus Issue Arises

May 11th, 2010

Microsoft has released two security bulletins this month, MS10-030 and MS10-031 to address two vulnerabilities in Microsoft Windows and Microsoft Office, both rated Critical. As both bulletins are rated as critical, they will both demand a high priority in their deployment across the enterprise. Details: MS10-030 resolving one vulnerability affecting Outlook Express, Windows Mail and […]



By: - Forensics and Security Expert

@phenrycissp

Will 2010 be the Year of Zero-Day Vulnerabilities for Browsers?

March 23rd, 2010

It certainly seems that in 2010, a month doesn’t go by without hearing about yet another zero-day threat affecting a popular browser software. In the first quarter of 2010, we already have seen new zero-day issues in the most popular browsers in use today: Microsoft reported yet another new zero-day issue with Internet Explorer, and […]



By: - Dir. Solutions Marketing

Kneber BotNet / Zeus Trojan Strikes!

February 18th, 2010

Makes Us Wonder if Web 2.0 / Social Apps are a Boon or a Bane.


By: - Sr. Director Solutions and Strategy

@donleatham

Adobe Joins the Microsoft Patch Party – Every Third Month

May 22nd, 2009

On Wednesday, Brad Arkin, Director of Product Security and Privacy at Adobe, announced that Adobe would be joining in on Microsoft’s Patch Tuesday party by scheduling security update releases on the first Tuesday of every quarter ( http://blogs.adobe.com/asset/).  I can hear a collective sigh of relief and a communal “It’s about time!” issuing out of […]


By: - Sr. Director Solutions and Strategy

@donleatham

Give Mom a Unique Gift, a More Secure Browser!

May 8th, 2009

The second Sunday in May is Mother’s Day. Traditionally a day of flowers, candy, cards and long-distance calls. I suspect there will be many Moms getting the gift of Skype plus a webcam, but why not sprinkle in a little online security? This Sunday, take the time to make sure Mom is running a modern […]


By: - Forensics and Security Expert

@phenrycissp

Conficker Evolution: One Step Closer to Becoming a Huge Botnet and an Even Bigger Problem

March 13th, 2009

A quick review of the evolution of Conficker – those who failed to patch found themselves stuck in yet another malware arms race with hackers: 1.    On or around November 24th well after the release of the respective patch from Microsoft, Conficker “A” quickly took advantage of the previously patched buffer overflow in the Microsoft […]


By: - Chairman and CEO, Lumension

@pclawson

There is No Quick Fix to Good Patching & Remediation

February 23rd, 2009

Considering that over 90 percent of cyber attacks exploit known security flaws, vulnerability management has never had greater importance than today when it comes to managing risks.  It remains the single most effective security defense a company can undertake to manage its greatest amount of risk with the lowest possible cost. While the current economic […]


By: - Dir. Solutions Marketing

Patch Tuesday PR: Prudent or Hype?

February 11th, 2009

Just read an interesting article by Bill Brenner, who writes the FUD Watch blog at CSO, entitled Debunking the Patch Tuesday Hype Machine. In it, Mr. Brenner points to the onslaught of press releases he receives as the second Tuesday of every month approaches, warning that … … the apocalypse is at hand. Patch immediately, […]



IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us

blog.lumension.com