By: - Technology Reporter

@jleclaire

How to Protect Corporate Data from Angry Employees

October 22nd, 2013

Yesterday, I defined the problem … employees, angry, unaware or otherwise dishonest, are a significant threat to your company’s IP. Today we look into how to safeguard the database and other IT assets from internal threats by angry employees. First up is device control. Why make it easy for an employee on their way out [...]



By: - Chairman and CEO, Lumension

@pclawson

The Shape of Things to Come with Critical Infrastructure Attacks

February 13th, 2013

How many movies have you seen where the fate of humankind depends on a geeky guy sweating in front of a computer? The specific drama varies from movie to movie, but they generally include the need to: hack into a system to get critical information, crack a password, or disable an evil supercomputer bent on [...]



By: - Dir. Solutions Marketing

Blocking USB Borne Malware Isn’t Rocket Science

August 15th, 2012

In a recent newsletter, the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) devoted significant space to a recent malware incident involving a removable media flash drive. Basically, someone connected a personally-owned USB flash drive to an air-gapped or isolated system; this USB stick was later found to be infected with the Hamweq virus. We’ve [...]



By: - Dir. Solutions Marketing

USBs: Unsafe at Any Speed?

August 12th, 2011

I always enjoy hearing about our venerable events in the popular press – sometimes they’re yuk-inducing, like this bit on Marketplace about their reporter asking about getting WiFi at Black Hat 2011 (see here or listen here for the whole piece). And although I did not attend, I’ve been trying to catch up on some [...]



By: - Dir. Solutions Marketing

Is FIPS 140-2 Fatally Flawed?

January 13th, 2010

So, upon my return to the Valley of the Sun and after figuring out where our new offices (let alone the coffee machine and bathrooms) were (Lumension has moved, in case you’ve not heard – 3rd floor with a seriously sweet view), I settled down to see what happened over the holidays. First up – [...]



By: - Dir. Solutions Marketing

Chris’ Security Cache Contemplation

May 12th, 2009

Miscellaneous interesting news / tidbits I’ve run across whilst trying to keep up with / clean out my RSS feed … Targeted Attack. It was widely reported last week (see here and here and here) that a convicted Swedish hacker was charged with the 2004 attack on Cisco Systems (where he stole source code), NASA’s [...]



By: - Forensics and Security Expert

@phenrycissp

Nasty Virus / Trojan Lurking in the Wild

April 27th, 2009

With Conficker still fresh on our minds, a new potential menace has emerged.  The remote access capability of a Trojan that spreads like a Virus – W32.Virut.CF (Symantec) or W32/Scribble-A (Sophos) is poised to wreak havoc on networks over the coming days.  Embedding itself deep within infected machines, the Trojan will make it difficult to [...]



By: - Dir. Solutions Marketing

Old Skool Hax

April 20th, 2009

The focus for those of us in the data leakage arena has generally been on the “big holes,” especially when it comes to the risk of insider theft… email, removable devices and drives (e.g., USB flash drives, external HDDs), removable media (e.g., CDs / DVDs). And for good reason. Why?  Well, first, as I’ve mentioned before, [...]



By: - Forensics and Security Expert

@phenrycissp

Zero-day MS PowerPoint Vulnerability– exploit actively being used in the wild

April 3rd, 2009

Another day, another exploit – and no, this time it’s not related to Conficker. There is a new zero-day vulnerability lurking in-the-wild that impacts older versions of MS Office; Office 2000, Office XP, Office 2003 and also includes Mac Office. However, please note that the latest version of Office 2007 is not vulnerable. Microsoft reports [...]



By: - SVP Global Marketing

@cedwardbrice

All Quiet On The Eastern Front as it Relates to Conficker

March 31st, 2009

Latest network traffic in China indciates that Conficker will not materialize into the overhyped sensation that it tuned out to be; however, Conficker turned out to be a very important lesson for everyone. Conficker is an aggressively spreading computer worm that has been laying down a powerful botnet infrastructure that can then be managed by [...]


By: - IT Security Expert

Healthcare 2.0? The Security Skinny on Obama’s Stimulus Package

March 31st, 2009

On Tuesday February 17th, President Obama signed the economic stimulus package that carves out $19B for modernizing health information systems.  The transition from paper to electronic or e-records in the healthcare industry has been happening for some time.  Although in small numbers, the process has been slow to ramp up based on technology considerations and [...]


By: - Forensics and Security Expert

@phenrycissp

Conficker Evolution: One Step Closer to Becoming a Huge Botnet and an Even Bigger Problem

March 13th, 2009

A quick review of the evolution of Conficker – those who failed to patch found themselves stuck in yet another malware arms race with hackers: 1.    On or around November 24th well after the release of the respective patch from Microsoft, Conficker “A” quickly took advantage of the previously patched buffer overflow in the Microsoft [...]


By: - Dir. Solutions Marketing

The People in the Equation: Avoiding Malicious Scam Sites

February 16th, 2009

Here’s another entry in one of my fundamental observations about computer security: in the end, it comes down to applying human intelligence. A friend who works in the banking industry pointed this lovely advert out to me … Needless to say, this made it onto the pages of failblog.com, entitled “Scam Fail” (see here). Bwa-ha-ha-ha-ha-haaaa. [...]


By: - Dir. Solutions Marketing

New Insider Threat Emerges

January 30th, 2009

Lumension has authored a new and highly topical tract on the problem of insider data theft entitled “New Insider Threat Emerges in the New Economy.” In it, the authors discuss how the economic woes of 2008, which are sure to stretch out well beyond, have amped up the issue of insider data theft, be it [...]


By: - Forensics and Security Expert

@phenrycissp

A Christmas “Malware” Story

December 24th, 2008

Joe’s wife Anne gets one of those new digital picture frames as a gift for Christmas. After opening the package, Anne asks Joe to load Christmas pictures of the kids they had taken that morning on to the digital picture frame. Joe fires up the company laptop (a sales organization that also had a successful [...]



IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us

blog.lumension.com