By: - Independent Computer Security Analyst

@gcluley

Google’s Project Zero – Targeting Zero-Day Vulnerabilities

July 16th, 2014

Google has announced that it is assembling a crack team of researchers, devoted to finding and reporting security holes in widely used software. According to Google security engineer Chris Evans, the group – which has been dubbed “Project Zero” – aims to uncover unpatched security vulnerabilities before they are exploited in targeted internet attacks. “Our [...]



By: - Forensics and Security Expert

@phenrycissp

No Luck o’ the Irish for IT this St. Patty’s Day

March 12th, 2013

video

IT admins can’t seem to catch a break this year. First, the never ending stream of Java issues that has kept folks on their toes since January. Now they’ve got another busy month of patches ahead of them, with 7 total patches from Microsoft, 4 of which are critical. However, once again the issues outside of Microsoft [...]



By: - Forensics and Security Expert

@phenrycissp

Eliminating Java Will Not Solve Your Problem

March 6th, 2013

While many are jumping on the ‘Death to Java’ bandwagon and ranting about turning off Java to eliminate risk, it is important to put the issue in the proper context: the reality of the matter is a Java vulnerability is not the end game for a cyber criminal; it is merely a delivery mechanism in [...]



By: - Forensics and Security Expert

@phenrycissp

No Love for IT This Valentine’s Day

February 12th, 2013

video

It’s going to be a rough Valentine’s Day for many IT admins this month. With ongoing issues with Java and 12 bulletins from Microsoft, including 5 critical issues and many restarts, it’s going to be a very disruptive Patch Tuesday. It’s disturbing to note how many different Microsoft platforms are critically affected this month. Everything [...]



By: - Technology Reporter

@jleclaire

Managing Security Risks in a Virtual Environment

February 4th, 2013

Before virtualization even became an official buzzword, IT industry watchers began pointing to its security risks. Now that virtualization is mainstream, few will come out and say virtual environments are inherently less secure—but there remains a tendency to deploy virtual servers and virtual desktops insecurely. Of course, with that tendency comes the potential for security [...]



By: - Forensics and Security Expert

@phenrycissp

Microsoft Kicks off the New Year With Fixes for Current Code Base

January 8th, 2013

So far, it looks like 2013 is off to a fairly average start with 7 bulletins: 2 critical and 5 important. You may recall that January of 2012 also came in with 7 bulletins, though only 1 was critical. After closing out 2012 with more consistency in the number of patches per month, we can [...]



By: - Forensics and Security Expert

@phenrycissp

Ransomware is Back with a Vengeance and Targeting Business

December 27th, 2012

Ransom-ware has matured since it was first seen in 1989 with the PC Cyborg Trojan. Today, it is big business for cyber criminals; and for good reason. A September article reported cyber criminals could earn between $50,000 and $60,000 a day by focusing their efforts on just a couple of countries. The severity of ransom-ware’s [...]



By: - Forensics and Security Expert

@phenrycissp

7 Patches for December Brings 2012 Patch Tuesday Total to 83

December 11th, 2012

video

IT has 7 patches to deal with in December; 5 are critical and 2 are important. Fortunately, none are currently under active attack so that will hopefully set IT’s mind at ease as they begin to apply this set of patches. 2012 in Review With the multitude of third-party application patching needed this year from [...]



By: - Forensics and Security Expert

@phenrycissp

2013 Prediction Series Starts with Malware

December 10th, 2012

After a quick review of how I did on my 2012 predictions, it’s now time to get serious about what 2013 may bring. As you plan for the new year, you may find this helpful. Then again, nothing is a sure bet in IT security…that’s the one thing I know for certain. Regardless, 2013 is [...]



By: - Chairman and CEO, Lumension

@pclawson

Disheartening Disconnect Identified by 2013 State of Endpoint Risk Study

December 4th, 2012

I’m concerned about the results of our fourth annual State of the Endpoint study just completed by the Ponemon Institute. Over the years, IT pros have reported shrinking confidence in the security of their networks. While this year is no different, the number of IT security pros who responded no, they are not more confident [...]


By: - Forensics and Security Expert

@phenrycissp

Initial Thoughts on Windows 8 Security

November 19th, 2012

While not an all encompassing review of the security features available in Windows 8, this post takes a quick look at some of the more noteworthy capabilities in this latest iteration from Microsoft. Windows 8 Base Security Features Windows Defender Windows Defender has evolved from a spyware product to a relatively good malware defense product. [...]


By: - Forensics and Security Expert

@phenrycissp

Light Patch Tuesday From Microsoft this September

September 11th, 2012

Is this September’s light Patch Tuesday a reflection of the maturity of Microsoft’s secure coding initiatives? One can only hope… Some vendors scrambled with repeated emergency patches last week just days apart and others seemed to just shrug off multiple day zero vulnerabilities. To the delight of IT pros everywhere though, Microsoft has given us [...]


By: - Forensics and Security Expert

@phenrycissp

The Fireworks Continue with July’s Patch Tuesday

July 10th, 2012

video

IT administrators will have to deal with more fireworks this month with Microsoft’s Patch Tuesday. This month there are 9 patches, 3 of which are critical and 6 important. This is more than double last year’s July patches: 4 total, with only 1 critical. This puts Microsoft at 51 bulletins for 2012, about on par [...]


By: - Forensics and Security Expert

@phenrycissp

Is Apple the New Adobe?

April 13th, 2012

A security weakness in Apple Quicktime Java Extensions was reported to Apple today (along with proof of concept code) by Adam Gowdiak, a resarcher with Security Explorations in Poland.  The issue impacts Quicktime 7.7.1 running on Windows XP SP3, Windows 7 HP 64-bit, Windows 7 Pro 32-bit, along with web browsers; Mozilla Firefox 11.0, Internet Explorer [...]


By: - Forensics and Security Expert

@phenrycissp

Is BackDoor.Flashback.39 Trojan Going to be Apple’s Conficker?

April 9th, 2012

With 274 of the 600,000 infected Mac’s now being reported as being in Cupertino – Apple’s hometown – maybe they will feel a little of the pain their users are now feeling and get serious about being more candid and perhaps more revelaing in their patch release notifications. Calculating the number of infected Macs this [...]



IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us

blog.lumension.com