Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Symantec SSL Certificates No Longer Secure

If you have a Symantec certificate on your HTTPS website, Chrome 70 and Firefox 63 will both be disowning any web certificates signed by Symantec.  From this month forward, anyone with Chrome or Firefox who browses to a web page “secured” with a Symantec certificate will see an unequivocal warning insisting that ...

Continue Reading →
27
OCT
0

cybersecurity, Linux, Software vulnerability, Weekend Update, Windows 10

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

MS-ISAC Releases Advisory on PHP Vulnerabilities

10/12/2018 06:37 PM EDT  Original release date: October 12, 2018

The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an advisory on multiple Hypertext Preprocessor (PHP) vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected system.  NCCIC encourages users and administrators to review Continue Reading →

20
OCT
0

Facebook, malware, social networks, Software vulnerability, Weekend Update

,

Problems with Password Manager Phone Apps

If you use a password manager app on your smartphone, it may be vulnerable to package name spoofing, which would allow the password manager’s autofill feature to enter your login credentials on a spoofed web form.  This vulnerability applies to popular apps from LastPass, Dashlane, Keeper, and 1Password.

I have been an advocate for password managers.  They are part of the solution to creating ...

Continue Reading →
15
OCT
0

cybersecurity, passwords, Phishing, Security, smartphones, Software vulnerability

What Might A Future Cyber-War Look Like?

We have entered the age of cyber war.   Believe it or not, cyber war operations are going on right now in many places across the globe.  Most of these operations are covert, and often hard to attribute directly to a particular nation-state or adversary.

Marc Cancian has written a gripping report titled Coping with Surprise in Great Power Conflicts.  It ...

Continue Reading →
12
OCT
2

cybersecurity, law and policy, News and politics, Software vulnerability

,

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

[INFOGRAPHIC] Introducing The Psychology of Passwords

From LastPass – It feels like almost every day there’s another data breach in the news, or a case of user credentials up for sale on the Dark Web. Despite the headlines, and repeated warnings from experts about weak passwords and the dangers of password reuse, users have yet to change their online ...

Continue Reading →
8
SEP
0

authentication, Computers and Internet, Internet of Things, Linux, passwords, Software vulnerability, Weekend Update, Wi-Fi, wireless

,

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Microsoft disrupts Fancy Bear election meddlers

In a new skirmish, Microsoft took control of six internet domains that were about to be used by the group to spoof US political organizations.

SamSam: The (almost) $6 million ransomware

New research reveals that SamSam ransomware has affected far more victims, and raised far more ransom, than previously thought.

Continue Reading →
25
AUG
0

crypto-currency, law and policy, ransomware, Software vulnerability, Weekend Update, Windows 10

, ,

Inside Iran’s Operation Cleaver

While the US Cyber Command has been focusing on the Chinese, North Koreans, and the Russians, and their respective intrusions into the networks of US companies, energy utilities, our military, and government agencies, Iran has been creating a world-class cyber-ops unit of their own.  Details about what is being called “Operation Cleaver” has been released by security company Cylance.

The Iranian ...

Continue Reading →
24
AUG
0

Computers and Internet, cybersecurity, News and politics, Software vulnerability

, , ,

Safe and Legal Places to Exercise Your Pen-Testing Foo

In our last post we looked at a great way to set up a pen-testing lab.  Fortunately, the quandary over finding a safe place to practice your pen-testing skills has led to the creation of dozens of hacker-friendly learning sites.  Several have been provided by OWASP, and there are other contributors out there with multiple sites.  Here are a bunch of good options.

Continue Reading →
22
AUG
0

certification, cybersecurity, education, Software vulnerability, training

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Hackers break into voting machines within 2 hours at Defcon

Hackers from around the world (not just Russia) had the rare opportunity to crack election-style voting machines this weekend in Las Vegas.

Malicious Cyber Activity Targeting ERP Applications

07/25/2018 07:55 AM EDT  Original release date: July 25, 2018

Digital Shadows ...

Continue Reading →
18
AUG
0

Computers and Internet, cybersecurity, Software vulnerability, Weekend Update

, , , , ,

Six Simple Malware Removal Tips Anyone Can Use

You think you just got a malware infection on your computer, but you’re not sure, and you aren’t sure what to do.  Take it to the Geek Squad or another qualified IT shop?  If only there were simple things you could try on your own.  The good news is there are, and we will show you some of them today.

  • So it seems you might have a malware issue.  These are my ...
Continue Reading →
10
AUG
0

cybersecurity, malware, Software vulnerability, Spyware, Trojan, Virus, Viruses

Page 2 of 10 12345...»