OpenSSL DoS – Daily Security Byte EP.48

This week the information security (InfoSec) community was abuzz about an upcoming critical OpenSSL update. Would it fix the next FREAK or Heartbleed? Nope. It was much less severe than expected. Nonetheless, watch today’s video to learn how quickly you should patch.

 

(Episode Runtime: 1:55)

Direct YouTube Link: https://www.youtube.com/watch?v=UkehIk0KDaw

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Proof China Hacks – Daily Security Byte EP.47

The Chinese government has always denied that they engage in information warfare. However, a document recently surfaced where they admit to having military, civilian, and mercenary “cyber” red teams. What does this mean to the average IT organization? Watch my video to find out (or check out my article below).

 

(Episode Runtime: 2:10)

Direct YouTube Link: https://www.youtube.com/watch?v=PSxbTxwSx3A

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

New Releases: Fireware and WSM version 11.9.5

red-wedge_smart-securityWatchGuard is pleased to announce the release of Fireware 11.9.5 and WSM 11.9.5. These maintenance releases provide many bug fixes, with full details outlined in the Release Notes and the  What’s New in 11.9.5 presentation.

Dimension 1.3 Update 2

Application Control information was not correctly logged from proxy policies in version 11.9.4. Along with the new Fireware release, we have also released Dimension 1.3 Update 2, which is also required to correct this issue.

Does This Release Pertain to Me?

The Fireware release applies to all Firebox and XTM appliances, except XTM 21/21-W, 22/22-W, or 23/23-W appliances.

Software Download Center

Firebox and XTM appliance owners with active LiveSecurity can obtain this update without additional charge by downloading the applicable packages from the new and improved WatchGuard Software Download Center. Please read the Release Notes before you upgrade to understand what’s involved. Known Issues are now listed in the Knowledge Base when logged in at the WatchGuard website. Note that there is also a Beta version of 11.10 available to try out at the software download center.

Contact Information

For Sales or Support questions, you can find phone numbers for your region online. If you contact WatchGuard Technical Support, please have your registered appliance Serial Number or Partner ID available.

Don’t have an active LiveSecurity subscription for your appliance? It’s easy to renew. Contact your WatchGuard reseller today. Find a Partner.

— Brendan Patterson 

Premera Healthcare Breach – Daily Security Byte EP.46

Premera Blue Cross has suffered from a network attack that may have resulted in the loss of 11 million customer records. I think you’ll see more attackers target business verticals (like healthcare) this year. Watch the video to learn why, and what you should do about it.

 

(Episode Runtime: 2:22)

Direct YouTube Link: https://www.youtube.com/watch?v=6XFSXIUWEjQ

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Securing HTTPS – Daily Security Byte EP.45

Pinterest’s recent security announcement offers a good excuse to talk about the increase in HTTPS encryption, and why you need security controls that can scan HTTPS traffic without slowing down your network. Watch the video for details.

 

(Episode Runtime: 2:52)

Direct YouTube Link: https://www.youtube.com/watch?v=9sKIfh3Xswc

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Patches and Pwns – WSWiR Episode 143

What do DRAM, Jamie Oliver, Half Life 2, Apple, and Microsoft all have in common? They were all affected by information security issues this week. The amount of information security news coming out each day is off the charts. If you need help keeping up, check out this weekly video summary.

Today’s show covers Apple and Microsoft security updates, a new science fiction-like DRAM hack, some gamer focused ransomware, and much more. Learn about it in the video, or peruse the References section for details if you prefer.

(Episode Runtime: 10:55)

Direct YouTube Link: https://www.youtube.com/watch?v=SG5xRcNMZbc

EPISODE REFERENCES:

EXTRAS:

 

— Corey Nachreiner, CISSP (@SecAdept)

Jamie Oliver Hacked Again – Daily Security Byte EP.44

There’s a lot of InfoSec news today, but I’m most fascinated with that fact that Jamie Olivier’s web site has been hijacked yet again. It may provide a perfect example of how not to secure your web site. Check out today’s short video for details, and I threw a few extras in the References below.

 

(Episode Runtime: 1:48)

Direct YouTube Link: https://www.youtube.com/watch?v=Gq8GL3wsrVo

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Gamer Ransomware – Daily Security Byte EP.43

The latest Cryptolocker look-alike is going after gamers. If you want to avoid losing your latest game saves, or your homemade, one-of-a-kind, custom maps, be sure to watch today’s video to see what to do.

 

(Episode Runtime: 2:56)

Direct YouTube Link: https://www.youtube.com/watch?v=4ur_nQ0tIHk

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Rowhammer Pwns DRAM – Daily Security Byte EP.42

The new Rowhammer attack exploits the physics of electricity on DRAM chips to gain root control of computers. Want to learn more? Watch the video or check out the references below.

 

(Episode Runtime: 2:31)

Direct YouTube Link: https://www.youtube.com/watch?v=SKycd-eE8Js

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Microsoft March Patch Madness – Daily Security Byte EP.41

Today’s Microsoft Patch Day is huge, with 14 bulletins fixing tens of vulnerabilities (many Critical). If you want to protect your encrypted web connections, and plug a five year old, zero day hole, you should update. See the video for details, or check out our blog post from earlier.

 

(Episode Runtime: 2:28)

Direct YouTube Link: https://www.youtube.com/watch?v=8DR4S6OlxBI

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Follow

Get every new post delivered to your Inbox.

Join 7,870 other followers