By: - Director, Product Management

@russbernst

Microsoft Takes on IE Vulns and Enforces 8.1 Update in August Patch Tuesday

August 12th, 2014

The patches released by Microsoft today for August Patch Tuesday include 9 bulletins (2 critical and 7 important) and cover 37 CVEs. IT’s first priority should be the critical, cumulative update for IE. MS14-051 includes 26 CVEs for all supported versions of the browser. All are privately disclosed with the exception of one, CVE-2014-2819, which […]



By: - Independent Computer Security Analyst

@gcluley

7 Out of Top 10 Internet of Things Devices Riddled With Vulnerabilities

July 31st, 2014

It has become the trendy thing to connect more and more household and office devices to the internet. It is becoming increasingly common to find yourself typing a WiFI password not just into your smartphone, but also your smoke alarm, your fridge, your printer, your baby monitor and maybe even your car. However, are the […]



By: - Independent Computer Security Analyst

@gcluley

More Security Flaws Discovered in OpenSSL – Patch Now!

June 6th, 2014

Remember the Heartbleed scare which had you scurrying to change your passwords and worrying about online privacy a few weeks ago? How could you forget it… After all, hundreds of thousands of websites were impacted by that flaw, as well as millions of Android devices put at risk. Well, it looks like that wasn’t the last word […]



By: - Independent Computer Security Analyst

@gcluley

Here’s How to Keep Getting Free Security Updates for Windows XP Until 2019 – And Why You Shouldn’t

May 27th, 2014

Have you heard the news? A way has been found to trick computers into receiving security updates for Windows XP – even though Microsoft stopped officially supporting the operating system back in April. According to a BetaNews report, this could make it possible for users still using creaky old XP to carry on getting security […]



By: - Director, Product Management

@russbernst

Final Patch Tuesday Quietly Ushers Out XP and 2003

April 8th, 2014

2 Critical 2 Important In the final Patch Tuesday for Windows XP and Office 2003, Microsoft released 4 patches today, two critical and two important that cover a total of just 11 CVEs. While an unusually small Patch Tuesday, it isn’t surprising Microsoft included final fixes in XP and Office 2003. For that reason, this […]



By: - Independent Computer Security Analyst

@gcluley

Isn’t It Time Oracle Gave Us Monthly Security Updates for Java?

March 24th, 2014

In some ways, it could be argued that Java is an incredible success. I’m serious. Stop laughing at the back. You see, according to Oracle, Java’s developer, the product is used on over 3 billion different devices worldwide. That *is* impressive. But, for those of us concerned with securing systems and keeping computer data safe, […]



By: - Forensics and Security Expert

@phenrycissp

8 Bulletins, 3 Critical for August Patch Tuesday

August 8th, 2013

  IT departments will get a bit of a reprieve this August Patch Tuesday. While 8 bulletins may seem high at first glance, 3 of them are considered critical and just 1 – bulletin 1 – impacts the current code base. With 8 bulletins today, Microsoft’s year-to-date total is 65 patches. For anyone keeping track, […]



By: - Dir. Solutions Marketing

Beware of the Crapper Hacker

August 5th, 2013

News late last week from Trustwave of a security vulnerability in a new line of Japanese toilets. And while funny in its own way, it does serve as a warning for manufacturers and consumers alike as we move into an even more connected world. As everyone probably knows, Japanese toilets are a modern technological marvel. […]



By: - Senior Architect

@danteal

Defending Against Java

July 24th, 2013

Java offers enterprises the ability to write code once and run it everywhere.  However, this flexibility comes with a high cost: reduced security on endpoints. It has lately gotten so bad that Java has been nicknamed Just Another Vulnerability Announcement. Oracle has been working to produce updates to Java that addresses these vulnerabilities, but many […]



By: - Forensics and Security Expert

@phenrycissp

The Danger of Open Access to University IP

July 22nd, 2013

When I saw last week’s New York Times story about the problems universities are experiencing with cyber attacks, my first thought was one of surprise. Wasn’t this kind of story published years ago? Hackers are opportunistic and universities pride themselves on providing free and open access to materials. Cyber attacks on research universities have been […]


By: - Forensics and Security Expert

@phenrycissp

Nothing Pretty About Fireworks Delivered From Microsoft This Patch Tuesday

July 9th, 2013

IT admins may have taken the Fourth off to enjoy some fireworks, but they’ll be very busy this week patching their systems. It’s not a pretty Patch Tuesday this month with 7 bulletins, 6 of which are critical. That brings our total of critical bulletins for the year to 22, which is fairly high, considering […]


By: - Forensics and Security Expert

@phenrycissp

IT Gets a Summer Vacation with Light Patch Load for June

June 11th, 2013

video

It’s a record month for Microsoft this month. With just five bulletins, June marks the lowest number of bulletins we’ve seen from Microsoft to date this year, making it a light month for IT admins. It’s also the halfway point for the year, which is always a good time to look back at last year […]


By: - Forensics and Security Expert

@phenrycissp

Securing the Internet of Things

June 6th, 2013

Gone are the days when the Internet was something accessed only through a PC attached to an Ethernet plug. Access is now available from anywhere and via a multitude of form factors. The Internet has moved beyond the computer and even your smartphone into the most unlikely of things. Your TV, your thermostat, even your […]


By: - Senior Architect

@danteal

Hiding Under the Covers

May 15th, 2013

“All warfare is based on deception” – Sun Tzu, The Art of War Attackers like stealth.  Once they have compromised a system, one of their primary goals is to remain undetected. Initially, attackers used malware with pseudo Windows service names such as svchosts.exe, winlogin.exe, lsasss.exe, and others. Although these names appear to be innocuous, power […]


By: - Technology Reporter

@jleclaire

New School Cyber Crooks Using Old School Malware Tricks

April 29th, 2013

You can teach old crooks new tricks, but many cyber criminals are discovering that the old tricks are working just fine. Indeed, recent security headlines feature old school malware attacks, like the MiniDuke. And old school botnets with creative new names are bum rushing the Internet. At the same time, reflective memory injection (RMI) attacks, which blend […]



IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us

blog.lumension.com