Author Archives: Chris Lord


Chris Lord is the endpoint point man and resident software architect at Bit9 in Waltham where he leads the product teams developing security solutions for Windows, Mac and Linux platforms. Prior to Bit9, Chris has been a technical leader and innovator across a wide range of technologies and companies including application virtualization at Microsoft and Softricity, secure systems at CERT (SEI), petascale storage virtualization at Cereva, fault-tolerant systems at Marathon, Internet search at AltaVista, and enterprise networking at Digital Equipment Corporation. He received an M.S. in Information Networking from Carnegie Mellon and a B.S. in Computer Science from Fitchburg State. Chris has served on the advisory board for the Carnegie Institute of Technology and a regional board for Literacy Volunteers of America in Massachusetts, and is an active ESL tutor with Literacy Volunteers of Massachusetts.

All posts written by Chris Lord

As Lenovo Covertly Downloads Unwanted Software, Carbon Black Sees It All

By: August 17, 2015

We love learning new things and the latest revelation around how Lenovo was using a little known Microsoft feature, the Windows Platform Binary Table (WPBT), to silently inject software into Windows installations is a case in point. Where Lenovo failed… Read More

What’s in Your Pocket? 6 Mobile Themes from RSAC 2015

By: May 1, 2015

Judging by the activity at RSA last week, mobile security vendors were ahead of mobile security concerns. The hype on the expo floor was largely absent, but the attendance in mobile security sessions was higher than I have seen in… Read More

Space Evaders: How an Extra Space in a File Name Can Fool Some Endpoint Security Solutions

By: October 6, 2014

In a recent talk entitled “Crazy Sexy Hacking” at BsidesAugusta, Mark Baggett discussed a technique that lets an unsigned malicious file masquerade as a validly signed file. The trick, Mark noted, is to name a file very similar to an… Read More

The Truth About RAM Scrapers

By: February 21, 2014

­With continuing concerns about retailers and their susceptibility to memory scraping malware, I thought it might be a good time to follow up our recent posts by Matt and Harry with a deeper examination of these memory-based threats, often referred… Read More

If You Can’t Bring Users to You, Go to Where the Users Go

By: April 5, 2013
Internet connection

Many in the community are working through identifying and remediating Darkleech malware that might have infected as many as 20,000 Apache Web servers running Linux. Behind the stories, three themes emerge: servers matter, Linux matters and blacklisting doesn’t. This type of… Read More

New Java Exploit: A Cup Half Empty

By: January 14, 2013
Java Expoit

The media doomsayers with their calls for PC users to disable Java in the wake of a vulnerability identified last Thursday were chilling. Now that Oracle has released a JDK 7 update that addresses the Java vulnerability (which made the… Read More