Tag: security
-
Flash triple threat
The last week has been a very interesting one ( read OMG it’s almost the end of the world ) in the security world. There were new threats from all corners but Adobe Flash stole the show with 3 critical issues in 2 days. All 3 issues could result in remote code execution or DoS attacks.…
-
MS Windows critical font vuln
Microsoft release an out-of-order patch yesterday for a critical vulnerability relating to custom fonts resulting in remote execution of code on a machine. More details here: http://gizmodo.com/go-update-windows-right-now-1719187152 Note that because Windows Server 2003 has just gone end-of-life, there is no update for it.
-
Home routers: security fail
It’s no secret that I absolutely hate non-business/home-based ( ADSL/3G/other ) routers. From a security point of view, they have a history of never-ending security issues that result in a variety of malicious attacks including DNS reflection, remote control, spam, malware infections and other attacks. There are other serious issues including ( but not limited…
-
Online security in the shopping season
Online security should always be the focus of anyone using the internet. Yet major holidays tend to be more important seeing as there are many who only shop online around this time. Black Friday especially is a big draw-card. The fact is that online security is part common sense and part preventative maintenance. If you…
-
Apple Pay thoughts and security
The big Apple event on Tuesday wasn’t that big a deal in my opinion. The iPhone 6 was expected although not in 2 editions but that is the least that Apple had to do to catch up with Android. Apple watch? Meh … sleek industrial design and interesting software options but ultimately I still think that smart…
-
Heartbleed finally results in some resources for OpenSSL
Heartbleed continues to cause enormous issues around the globe and is being actively attacked. Saying that, the bulk of solutions and systems out there using OpenSSL have been patched by now so the risk surface is growing smaller and smaller by the day. OpenSSL President Steve Marquess wrote in a blog post last week that…
-
Heartbleed SSL attack
The latest SSL attack in the form of Heartbleed ( ref. CVE-2014-0160 ) has burst onto the scenes in the last 24 hours with a bang. Effectively, Heartbleed is a weakness in OpenSSL that allows the theft of information that is under normal circumstances protected by SSL/TLS. It allows the memory of affected systems to be…
-
The end of Windows XP
Windows XP support will officially end on April the 8th next week. This is a very important change that appears to have escaped many people. Why important? Because you will no longer be receiving any updates ( security or other ) from Microsoft for XP. That effectively means that if there is a security hole…
-
Security issues in ADSL and other routers
I’ve never been a fan of using ADSL/Wifi routers as the main firewall for a network ( which unfortunately ends up being the case for most home users ). These are devices built to the cheapest price, using the cheapest software development and generally, there are very few ( if any updates ) for security…
-
The people we trust
The right to privacy in the new social era is no longer a given. In fact, many say that you should expect to have no privacy with information made available on the Internet. I’m a half and half kinda guy in this argument. On the one hand, pure social media information should be assumed to…
-
Android Security
I’ve been a keen Android user for many years now; as I am with all things Linux. I really do believe that Linux, and other associated FOSS software, has proven a great advantage for us bipedals, allowing those in a not so fortunate financial situation to still use high grade software and achieve their goals.…
-
Large security breach involving fast food outlets and banks in SA
A variant of the Dexter malware has apparently been running on POS systems unchecked for quite a while. All of SA’s banks have been hard hit by the losses incurred as a result of arguably one of the largest security breaches in SA history. More info here: http://www.techcentral.co.za/sa-banks-in-massive-data-breach/44338/
-
Personal security, Digital Security and Identity Theft
We live our lives in an always-on digital world these days. Medical, banking, shopping, services, mobile, multimedia – all of these are engaged with and executed on-line. Along with a whole host of threats including viruses, malware, phishing, pharming, advanced persistent threats and more. Not only do we have to deal with threats from the…
-
The cloud and security
Moving your applications and data into the cloud presents a paradox when talking about security. A recent Thales survey found that over 60% of respondents thought that the cloud provider was responsible for protecting their sensitive and/or confidential data. And over 50% said they didn’t know what their cloud provider does to protect their data.…
-
10 Immutable laws of security administration
Law #1: Nobody believes anything bad can happen to them, until it does Law #2: Security only works if the secure way also happens to be the easy way Law #3: If you don’t keep up with security fixes, your network won’t be yours for long Law #4: It doesn’t do much good to install…
