By: - Independent Computer Security Analyst


Five years after Stuxnet, your USB drive is still being patched

August 12th, 2015

Once again, Microsoft finds itself patching Windows against attacks that can strike at your PC through the USB drive.

By: - Dir. Solutions Marketing

E-Cigarettes Are Bad for Your Computer’s Health!

December 2nd, 2014

There’s been a lot of news lately about the adverse health impact of vaping, including a recent study which suggests that e-cigarettes contain up to 10 times the level of carcinogens of regular tobacco. But perhaps less well publicized is the recent news that e-cigarettes might give you malware. According to an account on Reddit, […]

By: - Dir. Solutions Marketing

BadUSB Update

October 16th, 2014

I have received several inquiries regarding the latest news about the so-called BadUSB vulnerability, so I thought I’d write a quick post on what we know at the moment. What is BadUSB? BadUSB is a vulnerability – not malware – in the design and implementation of firmware used on USB devices which allows it to […]

By: - Independent Computer Security Analyst


Unpatchable BadUSB Code Is Now Publicly Available

October 6th, 2014

How sweet would it be to plug and play USB devices without the fear of viruses, malware and other security threats? It’s everyone’s dream to own 100% foolproof USB devices for their file storage and transfer routine: Fascinating to think about it, but it simply isn’t gonna happen with the raft of current USB-related security […]

By: - Dir. Solutions Marketing

Is It the End of the (USB) World as We Know It?

August 4th, 2014

News this past week about a Proof-of-Concept tool called BadUSB which has the IT security press in a lather. Why? Well, we all know that USB sticks are used to spread malware. But this POC by SRLabs security researchers Karsten Nohl and Jakob Lell – which will be demonstrated at Black Hat USA 2014 – […]

By: - Technology Reporter


How to Protect Corporate Data from Angry Employees

October 22nd, 2013

Yesterday, I defined the problem … employees, angry, unaware or otherwise dishonest, are a significant threat to your company’s IP. Today we look into how to safeguard the database and other IT assets from internal threats by angry employees. First up is device control. Why make it easy for an employee on their way out […]

By: - Former Chairman and CEO, Lumension


The Shape of Things to Come with Critical Infrastructure Attacks

February 13th, 2013

How many movies have you seen where the fate of humankind depends on a geeky guy sweating in front of a computer? The specific drama varies from movie to movie, but they generally include the need to: hack into a system to get critical information, crack a password, or disable an evil supercomputer bent on […]

By: - Dir. Solutions Marketing

Blocking USB Borne Malware Isn’t Rocket Science

August 15th, 2012

In a recent newsletter, the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) devoted significant space to a recent malware incident involving a removable media flash drive. Basically, someone connected a personally-owned USB flash drive to an air-gapped or isolated system; this USB stick was later found to be infected with the Hamweq virus. We’ve […]

By: - Dir. Solutions Marketing

USBs: Unsafe at Any Speed?

August 12th, 2011

I always enjoy hearing about our venerable events in the popular press – sometimes they’re yuk-inducing, like this bit on Marketplace about their reporter asking about getting WiFi at Black Hat 2011 (see here or listen here for the whole piece). And although I did not attend, I’ve been trying to catch up on some […]

By: - Dir. Solutions Marketing

Is FIPS 140-2 Fatally Flawed?

January 13th, 2010

So, upon my return to the Valley of the Sun and after figuring out where our new offices (let alone the coffee machine and bathrooms) were (Lumension has moved, in case you’ve not heard – 3rd floor with a seriously sweet view), I settled down to see what happened over the holidays. First up – […]

By: - Dir. Solutions Marketing

Chris’ Security Cache Contemplation: Week 6

July 6th, 2009

A quick note on some interesting news/tidbits I’ve run across whilst trying to keep up with/clean out my RSS feed before I head out for the 4th of July weekend… The Iceman Goeth. Saw where Max Ray Vision (nee Butler), aka “Iceman,” has plead guilty to two counts of wire fraud stemming from the theft […]

By: - Dir. Solutions Marketing

Chris’ Security Cache Contemplation

May 12th, 2009

Miscellaneous interesting news / tidbits I’ve run across whilst trying to keep up with / clean out my RSS feed … Targeted Attack. It was widely reported last week (see here and here and here) that a convicted Swedish hacker was charged with the 2004 attack on Cisco Systems (where he stole source code), NASA’s […]

By: - Dir. Solutions Marketing

Beware of ATM Card Skimmers

May 5th, 2009

I ran across an interesting post in the Consumerist about a guy who found a card skimmer attached to his local ATM. Apparently, he was alert enough to notice that something wasn’t quite right, and pulled it right off the machine … and discovered that it was designed to read the info off a card […]

By: - Forensics and Security Expert


Nasty Virus / Trojan Lurking in the Wild

April 27th, 2009

With Conficker still fresh on our minds, a new potential menace has emerged.  The remote access capability of a Trojan that spreads like a Virus – W32.Virut.CF (Symantec) or W32/Scribble-A (Sophos) is poised to wreak havoc on networks over the coming days.  Embedding itself deep within infected machines, the Trojan will make it difficult to […]

By: - Dir. Solutions Marketing

Corporate Espionage

April 21st, 2009

There’s no way this ends well. The Wall Street Journal recently reported (sub. req’d) that Starwood Hotels filed suit against Hilton Hotels and two former employees, Ross Klein and Amar Lalvani, for corporate espionage, theft of trade secrets and unfair competition. Klein was the former President of Starwood Luxury Brands Group, and Lalvani was formerly […]

IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us