Here’s How to Keep Getting Free Security Updates for Windows XP Until 2019 – And Why You Shouldn’t

Have you heard the news?

A way has been found to trick computers into receiving security updates for Windows XP – even though Microsoft stopped officially supporting the operating system back in April.

According to a BetaNews report, this could make it possible for users still using creaky old XP to carry on getting security updates for another five years!

> Read More

Windows 8.1 Update – Microsoft forces users to update OS if they want future security updates

Most of the attention this week, from the patching point of view at least, has been directed towards the last ever security fixes for Windows XP.

Microsoft warned in 2007 that it would no longer be supporting Windows XP after April 8th, 2014, and they have kept true to their promise – meaning that all XP users would be wise to either upgrade their XP installations to a more modern version of Windows or,

> Read More

Apple Fingerprint Scanner: Game Changer or Game Over?

Apple’s announcement of the company’s new iPhone 5S comes equipped with a fingerprint scanner has the potential to be a real game changer for personal device security – if it’s done right. There are two factors that will determine the real success of this new feature, which has undeniable potential. First, reliability and second,

> Read More

Nothing Pretty About Fireworks Delivered From Microsoft This Patch Tuesday

IT admins may have taken the Fourth off to enjoy some fireworks, but they’ll be very busy this week patching their systems. It’s not a pretty Patch Tuesday this month with 7 bulletins, 6 of which are critical. That brings our total of critical bulletins for the year to 22, which is fairly high, considering Microsoft released only 34 critical bulletins for the entire calendar year of 2012.

> Read More

Compliance Is Bad for Security

There are two separate approaches to keeping data safe: compliance and security. The first is a legal/regulatory obligation; the second is not. If you ask a compliance author, whether that’s a government legislator or a bureaucratic regulator, what is the purpose of compliance, the reply will be ‘to ensure security.’ If you ask the same person,

> Read More

3 Executive Strategies to Prioritize Your IT Risk

Every company wants to know the best way to protect their company, but it can be difficult when faced with the evolving security challenges of today. I recently sat down with Richard Mason, VP & CSO at Honeywell, Roger Grimes, security columnist and author, to get their thoughts on risk management best practices. I hope these strategies will help companies prioritize their IT risk and think beyond the traditional IT standards.

> Read More

BYOD or BYOT (Bring Your Own Threat)…The Case for Mobile Devices as Endpoints

Lumension recently conducted a survey of more than 1,600 IT professionals on Linkedin regarding their thoughts on BYOD and mobile security. You can check it out here. There is a lot of interesting information in this survey, with one of the main takeaways was for these respondents’ organizations, BYOD is really all about end-user satisfaction and productivity.

> Read More

ZIP Codes Are … PII?!

Mr. ZIP (or Zippy to his friends) was born back in July 1963 and the soon-to-be 50-year-old is finally getting some privacy … in Massachusetts at least.

The Massachusetts Supreme Court recently determined that under Mass. Gen. Laws, ch. 93, § 105(a), “personal identification information” includes a consumer’s ZIP code and decided that collecting such personal information is a violation of state privacy law for which the consumer can sue.

> Read More

Anatomy of Reflective Memory Attacks

Ophiocordyceps unilateralis is a parasitical fungus that, beginning with a microscopic spore, infects a certain species of ant using a series of attacks, one building on the other until it controls the ant’s brain for its own bidding.  The fungus can’t just land on the ant, consume it and reproduce.  It needs to get inside the ant – in order to eat it – and it needs the ant to travel far away from the ant’s normal home in a tree to an environment more suitable for the fungus’ growth and reproduction. 

> Read More

Embedded Chinese Malware – Theoretical Threat or Practical Issue?

Before we begin discussing the issue of the theoretical or practical reality in the potential threat of the Chinese embedding malware in the computer equipment they manufacture, consider this:

Just a few years ago who would have thought that any government (never mind our own) would have created malware to attack another government’s computer systems to achieve a political goal?

> Read More

Are Journalists Sitting Ducks?

Remember Mat Honan – a Wired reporter that covers consumer electronics? He had his entire digital life erased last summer. His Google account was deleted, his Twitter taken over, his iPhone, iPad and MacBook erased.

How about the New York Times hack? Chinese hackers allegedly broke into the paper’s systems,

> Read More

Everything Matters

You just can’t cut corners today. In fact you need to be very careful about even “optimizing” your security efforts because it’s so easy to misjudge what needs to be secured and what doesn’t; what deserves your attention and what doesn’t. In fact, in a recent discussion with a colleague, we concluded that basically, “today,

> Read More

June 2010 Patch Tuesday Security Briefing

On Tuesday June 8, 2010, Microsoft warned users that they have released ten security bulletins — three of which are critical, seven are rated important and all of which include an explicit or possible restart warning. The impact will be felt enterprise-wide, as the bulletins cover a large portion of Microsoft’s range of operating systems,

> Read More

Patch Tuesday: The Looming Dangers of Digital Media

It might be the start of summer, but there was little sunshine from Microsoft on Tuesday, as the company warned users that they have released ten security bulletins — three of which are critical, seven are rated important and all of which include an explicit or possible restart warning. The impact will be felt enterprise-wide,

> Read More

Innovation, Competition and Venture Capitalism

Over the last several months, I’ve been wrestling over a few issues that I think are converging to create an inhospitable business environment. Issues such as our company’s heritage as a venture-backed company, where we sit as a nation from a data security perspective; and my own view, that US intellectual property is at an ever increasing risk to foreign entities trying to capitalize on our innovations.

> Read More