Much Ado About Java

So, have you seen the latest about Java? Seems most organizations are still running (really) old versions. And even the current version has what is technically known as a shit-ton of zero-day vulnerabilities. And so Oracle is changing their vulnerability numbering system to accommodate all of them, in addition to taking other steps surrounding Java security.

Implementing an Endpoint Security Management Strategy

The following is excerpted from Mike’s series on Endpoint Security Management, published on the Securosis blog and the topic of discussion in Mike’s session at SecuritySCAPE 2012 on September 25.

Keeping track of 10,000+ anything is a management nightmare. With ongoing compliance oversight and evolving security attacks against vulnerable endpoint devices,

Before, During and After Patch Tuesday: A Survival Guide

It’s been said that there are only two types of companies left in the world: those who know they’ve been hacked and those who don’t. We have to hope that there’s still a third group: those who have not been hacked. You can be sure those who belong to the third group are those who are rigorously implementing security features and,

How to Remove MAC Defender

MacDefender is a fake security program that has been targeting Mac OS users. Through a combination of SEO optimization and a socially engineered website, Mac users are tricked into installing the Mac Defender malware. In this video, two members of the Lumension team, Russ Ernst (product management) and Chris Merritt (solution marketing), present a step-by-step procedure to ensure that MacDefender is removed from any infected machines in your environment using Lumension Patch and Remediation.

Light Patch Load from Microsoft This Month – But More than Enough Work to Go Around

This Patch Tuesday wasn’t very large, but it was serious. Two of the patches we saw were in Windows, and the third in Office. All patches addressed issues providing for remote code execution, which is top of mind for IT flaw remediation specialists.

If you’re using the Remote Desktop Client, MS11-017 should be your top priority followed by MS11-015 and finally MS11-016.

IT Pros Face a “Scary” Patch Tuesday with Zero Day Exploits

This month’s Microsoft Patch Tuesday update has reached an all-time high with 13 bulletins, which surpasses the previous high of 12 released in October 2008. IT pros won’t only have to deal with the large number of patches; the update also includes fixes for 34 security issues, with zero-day issues continuing to be the real nail-biters.

Operationalizing Endpoint Security: Striking a Balance between IT Operations and IT Security

Gartner recently released a report on operationalizing endpoint security – on how signature-based anti-malware is losing effectiveness in the face of an overwhelming volume of threats. I have a few thoughts about the report’s findings and what organizations can do to better protect their endpoints.

As the Gartner report made clear, signature-based anti-malware is losing its effectiveness.

Meet Gumblar – Son of Conficker

Back in 2008, it was reported that a website was compromised once every five seconds to contain web-borne malware. Today, the rate is still increasing, as another website is reportedly now being compromised every 4.5 seconds.

The end game remains the same – downloading and installing malware. The compromised PC most often becomes a soldier in a spam-spewing botnet army, or the user’s credentials are simply stolen with a key logger and the user quickly becomes a victim of identity theft.

Six Month Old Java Issue Still Plagues Mac

With a six-month-old critical Java vulnerability currently being exploited in the wild, it is vital for Apple to address this vulnerability immediately to protect its current Mac users. Most other operating systems, such as Microsoft Windows and major Linux distributions such as Red Hat and Suse, as well as HP, fixed the bug months ago.

Massive Apple Patches in the Shadow of Microsoft Patch Tuesday

Given all the attention around Microsoft’s patch release for Office PowerPoint in yesterday’s Patch Tuesday, Apple’s release of 67+ patches and the huge 286 MB Apple patch seem to have slipped under the radar. This is another reminder for IT administrators that software vulnerabilities are not a Microsoft “exclusive” issue, and you are just as likely to suffer an intrusion initiated from a vulnerability in a non-Microsoft application or software add-on even if your Microsoft products are fully patched and up to date.

Administrators Beware of Spyware Guard 2008

So here you are, an accomplished network administrator… you understand the risks to your enterprise. You have managed to wrestle local administrator rights away from your user community. All systems are running current versions of a popular antivirus software. So your user community can browse the Internet with gleeful abandon. Think again. Joe User, while browsing the Internet, is suddenly confronted with a very convincing popup that declares their system has several vulnerabilities.

Vulnerability Management: A Snapshot of an Ever-Changing Landscape

One lesson that continued to be conveyed by security gurus at RSA 2009 was the dynamic nature of today’s threat environment. I took some time away from the flurry of show activity to explain the landscape as it stands today and how Lumension is addressing the most recent threats through its Vulnerability Management Suite. Take a listen.
