Posts Tagged ‘ infosec ’

UEFI Secure Boot mechanism bypassed

June 4, 2014
UEFI Secure Boot mechanism bypassed

From the article: The Secure Boot security mechanism of the Unified Extensible Firmware Interface (UEFI) can end up bypassed on around half of computers that have the feature enabled, a researcher said. Fun times. #InfoSec  http://www.isssource.com/new-attacks-beat-secure-boot/? New Attacks Beat Secure Boot | The Secure Boot security mechanism of the Unified Extensible Firmware Interface (UEFI) can end […]

Tags:
Posted in Google+ | No Comments »

Spotify was hacked, but don't panic – yet

May 28, 2014
Spotify was hacked, but don't panic – yet

It looks like only one user was compromised and it didn't involve any passwords or financial data.  A new version of the Android app will be available soon and users will be required to upgrade.  Apparently it doesn't affect the desktop or iPhone apps. #InfoSec   http://news.spotify.com/us/2014/05/27/important-notice-to-our-users/? Important Notice to Our Users We’ve become aware […]

Tags:
Posted in Google+ | No Comments »

Everything is broken

May 24, 2014
Everything is broken

#InfoSec Reshared post from +Ward Mundy If you read nothing else about Internet Security, read this… https://medium.com/message/81e5f33a24e1 #linux   #internet   #security   #voip   #asterisk  ? Everything Is Broken Once upon a time, a friend of mine accidentally took over thousands of computers. He had found a vulnerability in a piec… This post has […]

Tags: , , , , ,
Posted in Google+ | 4 Comments »

Vulnerability in Internet Explorer 8 Could Allow Remote Code Execution

May 23, 2014
Vulnerability in Internet Explorer 8 Could Allow Remote Code Execution

A vulnerability has been discovered in Microsoft's web browser, Internet Explorer, which could allow an attacker to take complete control of an affected system. Successful exploitation of this vulnerability could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then […]

Tags:
Posted in Google+ | No Comments »

Cisco has released two security advisories

May 22, 2014

One of the advisories involves remote attackers being able to "execute arbitrary code with elevated privileges."  Please review the warnings and apply updates as needed. #InfoSec  ? Embedded Link Cisco Releases Security Advisories | US-CERT Cisco has released two security advisories to address multiple product vulnerabilities, one of which may allow a remote attacker to […]

Tags:
Posted in Google+ | No Comments »

Today is a good day to change your eBay password

May 21, 2014
Today is a good day to change your eBay password

eBay announced today that customer data, including encrypted passwords were lost in an attack that occurred between late February and early march. As a result, they are requiring users to change their password. No financial information was lost, but users' name, address, email, and other details were compromised. #InfoSec ? eBay Inc. To Ask eBay […]

Tags:
Posted in Google+ | No Comments »

Blackshades Global Take Down

May 19, 2014
Blackshades Global Take Down

Multiple malware products under the "Blackshades" name were marketed and sold direct to the public, the worst of which is the Remote Access Tool, or RAT.  These software products were used to secretly spy on unsuspecting victims, steal passwords and credentials, etc.  19 different countries collaborated in the operation, but the FBI believes it had […]

Tags:
Posted in Google+ | 1 Comment »

Google Releases Security Update for Chrome

May 14, 2014
Google Releases Security Update for Chrome

Google has released Chrome 34.0.1847.137 for Windows, Mac, and Linux to address multiple vulnerabilities. Some of these vulnerabilities could potentially allow an attacker to take control of the affected system. http://googlechromereleases.blogspot.com/2014/05/stable-channel-update.html #InfoSec  ? Stable Channel Update The Stable Channel has been updated to 34.0.1847.137 for Windows, Mac and Linux. This release also contains a Flash […]

Tags:
Posted in Google+ | 2 Comments »

Tomorrow is May's "Patch Tuesday"

May 12, 2014

 There are 8 bulletins, 2 critical, and nada for XP.  Since support for XP has ended, please strongly encourage your friends and family members who have it to upgrade or get new computers ASAP!  We have enough botnets and infected computers out there already, their contribution is no longer needed. #InfoSec  ? View this post […]

Tags:
Posted in Google+ | No Comments »

A month in, and supposedly 300,000 servers are still vulnerable to heartbleed

May 10, 2014
A month in, and supposedly 300,000 servers are still vulnerable to  heartbleed

#InfoSec? 300,000 Servers Still Vulnerable to Heartbleed Vulnerability After One Month Security researcher Robert David Graham found that 300,000 Servers Still Vulnerable to Heartbleed Vulnerability Even After One Month. This post has been reshared 1 times on Google+ View this post on Google+

Tags:
Posted in Google+ | No Comments »

Switch to our mobile site