By: - Director, Product Management


Final Patch Tuesday Quietly Ushers Out XP and 2003

April 8th, 2014

2 Critical 2 Important In the final Patch Tuesday for Windows XP and Office 2003, Microsoft released 4 patches today, two critical and two important that cover a total of just 11 CVEs. While an unusually small Patch Tuesday, it isn’t surprising Microsoft included final fixes in XP and Office 2003. For that reason, this [...]

By: - Independent Computer Security Analyst


Isn’t It Time Oracle Gave Us Monthly Security Updates for Java?

March 24th, 2014

In some ways, it could be argued that Java is an incredible success. I’m serious. Stop laughing at the back. You see, according to Oracle, Java’s developer, the product is used on over 3 billion different devices worldwide. That *is* impressive. But, for those of us concerned with securing systems and keeping computer data safe, [...]

By: - Forensics and Security Expert


8 Bulletins, 3 Critical for August Patch Tuesday

August 8th, 2013

  IT departments will get a bit of a reprieve this August Patch Tuesday. While 8 bulletins may seem high at first glance, 3 of them are considered critical and just 1 – bulletin 1 – impacts the current code base. With 8 bulletins today, Microsoft’s year-to-date total is 65 patches. For anyone keeping track, [...]

By: - Dir. Solutions Marketing

Beware of the Crapper Hacker

August 5th, 2013

News late last week from Trustwave of a security vulnerability in a new line of Japanese toilets. And while funny in its own way, it does serve as a warning for manufacturers and consumers alike as we move into an even more connected world. As everyone probably knows, Japanese toilets are a modern technological marvel. [...]

By: - Senior Architect


Defending Against Java

July 24th, 2013

Java offers enterprises the ability to write code once and run it everywhere.  However, this flexibility comes with a high cost: reduced security on endpoints. It has lately gotten so bad that Java has been nicknamed Just Another Vulnerability Announcement. Oracle has been working to produce updates to Java that addresses these vulnerabilities, but many [...]

By: - Forensics and Security Expert


The Danger of Open Access to University IP

July 22nd, 2013

When I saw last week’s New York Times story about the problems universities are experiencing with cyber attacks, my first thought was one of surprise. Wasn’t this kind of story published years ago? Hackers are opportunistic and universities pride themselves on providing free and open access to materials. Cyber attacks on research universities have been [...]

By: - Forensics and Security Expert


Nothing Pretty About Fireworks Delivered From Microsoft This Patch Tuesday

July 9th, 2013

IT admins may have taken the Fourth off to enjoy some fireworks, but they’ll be very busy this week patching their systems. It’s not a pretty Patch Tuesday this month with 7 bulletins, 6 of which are critical. That brings our total of critical bulletins for the year to 22, which is fairly high, considering [...]

By: - Forensics and Security Expert


IT Gets a Summer Vacation with Light Patch Load for June

June 11th, 2013


It’s a record month for Microsoft this month. With just five bulletins, June marks the lowest number of bulletins we’ve seen from Microsoft to date this year, making it a light month for IT admins. It’s also the halfway point for the year, which is always a good time to look back at last year [...]

By: - Forensics and Security Expert


Securing the Internet of Things

June 6th, 2013

Gone are the days when the Internet was something accessed only through a PC attached to an Ethernet plug. Access is now available from anywhere and via a multitude of form factors. The Internet has moved beyond the computer and even your smartphone into the most unlikely of things. Your TV, your thermostat, even your [...]

By: - Senior Architect


Hiding Under the Covers

May 15th, 2013

“All warfare is based on deception” – Sun Tzu, The Art of War Attackers like stealth.  Once they have compromised a system, one of their primary goals is to remain undetected. Initially, attackers used malware with pseudo Windows service names such as svchosts.exe, winlogin.exe, lsasss.exe, and others. Although these names appear to be innocuous, power [...]

By: - Technology Reporter


New School Cyber Crooks Using Old School Malware Tricks

April 29th, 2013

You can teach old crooks new tricks, but many cyber criminals are discovering that the old tricks are working just fine. Indeed, recent security headlines feature old school malware attacks, like the MiniDuke. And old school botnets with creative new names are bum rushing the Internet. At the same time, reflective memory injection (RMI) attacks, which blend [...]

By: - Information Security Reporter


Advanced Volatile Threat – Is an Old Threat the New New Threat?

March 19th, 2013

“In the meantime,” wrote [1] John Prisco, president and CEO of start-up firm Triumfant, “while our attention has been diverted towards APT1-style attacks, a more sophisticated and dangerous attack vector has emerged and will likely become more and more commonplace among cyber criminals: the Advanced Volatile Threat or AVT.” Chillingly he adds, “you’ve been warned.” [...]

By: - Forensics and Security Expert


No Love for IT This Valentine’s Day

February 12th, 2013


It’s going to be a rough Valentine’s Day for many IT admins this month. With ongoing issues with Java and 12 bulletins from Microsoft, including 5 critical issues and many restarts, it’s going to be a very disruptive Patch Tuesday. It’s disturbing to note how many different Microsoft platforms are critically affected this month. Everything [...]

By: - Chairman and CEO, Lumension


Cyber Security Efforts in the U.S.

October 19th, 2010


Recognizing October as National Cyber security Awareness Month, Lumension Chairman and CEO, Pat Clawson, invited a handful of IT security industry leaders for 30 minutes of frank conversation on what is being done at the government level to reign in national cyber security efforts in the U.S.

By: - Sr. Director Solutions and Strategy


IT Risk and Social Web Leverage

September 21st, 2010

Leverage in all forms is a powerful thing.  For both good and bad.  The popularity and speed of social websites provide an amazing degree of leverage for both businesses and hackers.  The Twitter OnMouseOver JavaScript flaw and the resulting flood of exploitive tweets is a great example of the latter. In a matter of hours, thousands [...]

IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us