October Patch Bonanze, Leaky Apps, and POODLE Cyber security has gone main stream, which means we’re getting a lot more security news each week than we used to. This week was even busier than usual, with updates fixing hundreds and hundreds of security vulnerabilities, as well as a significant vulnerabilities in a encryption standards. If you’re having trouble keeping track of the most important security info on your own, let our week video summary do it for you.
How to Neuter POODLE (New SSL Vulnerability)
Surprise, surprise… Researcher’s have found yet another OpenSSL vulnerability . They’ve named this one POODLE. Silly name, I know, but at least it stands for something—Padding Oracle On Downgraded Legacy Encryption
ATM Trojan – WSWiR Episode 124
Nine MS Bulletins, Sneaky DRM, and ATM Trojan Every week, the security community learns about new attacks, exploits, breaches, security patches, and more. However, keeping track of all this fresh information security (infosec) news can be challenging for most IT practitioners.
WatchGuard Security Week in Review in Writing (Oct.3, 2014)
iOS Trojan, BadUSB PoC, and Gamer Hackers Charged Normally, I post a weekly video that summarizes the three biggest information and network security stories every Friday. However, due to a busy travel and work schedule I couldn’t find a convenient time to shoot. But fear not… Instead, I’ll post a written summary this week, and continue with the video posts next week.
Shellshock – WSWiR Episode 123
Serious Bash Flaw affects *nix, Mac OS X, and IoT Normally, my weekly video covers a number of important information and network security stories, in order to keep you informed of the latest threats. However, this week one story is so important I give it the primary focus. Today’s show covers the critical “Shellshock” vulnerability in Bash.
Bash or “Shellshock” vulnerability
Summary News is breaking about a major new high severity vulnerability, CVE-2014-6271 , with widespread impact. Gnu Bourne again shell (Bash) is a UNIX like command shell that is included in most distributions of Linux and also Apple OS X. The vulnerability allows an attacker to create environment variables that include malicious code before the system calls the Bash shell.
Printer Doom Hack – WSWiR Episode 122
Apple Patches, Kindle XSS, and Doom Printer Hack If you want to stay current with the Internet “threatscape,” our weekly video can help.
Old Gmail Leak – WSWiR Episode 121
Patch Day, Home Depot Update, and Gmail Leak Why go searching for all the week’s information security (infosec) news when you can find it in one convenient place. This weekly vlog summarizes the important security updates, hacks, and threats so you can protect yourself. This week’s episode arrives a bit late due to my business travel in Europe.
Adobe Patches Flash but Delays Reader Update
Summary: This vulnerability affects : Adobe Flash Player running on all platforms and Adobe Air How an attacker exploits it : By enticing users to visit a website containing malicious Flash content Impact : In the worst case, an attacker can execute code on the user’s computer, potentially gaining control of it What to do : Download and install the latest version of Adobe Flash Player for your platform Exposure: Adobe Flash Player displays interactive, animated web content called Flash . Although Flash is optional, 99% of PC users download and install it to view multimedia web content.
Reset a Firebox T10 Device
This video tutorial explains when and how to reset a Firebox T10 device to its factory default settings.