October 16 , 2014 | Posted by Nachreiner | No Comments
How to Neuter POODLE (New SSL Vulnerability)

Surprise, surprise… Researcher’s have found yet another OpenSSL vulnerability. They’ve named this one POODLE. Silly name, I know, but at least it stands for something—Padding Oracle On Downgraded Legacy Encryption. In

Read more

 0
October 10 , 2014 | Posted by Nachreiner | No Comments
ATM Trojan – WSWiR Episode 124

Nine MS Bulletins, Sneaky DRM, and ATM Trojan Every week, the security community learns about new attacks, exploits, breaches, security patches, and more. However, keeping track of all this fresh information security

Read more

 0
October 3 , 2014 | Posted by Nachreiner | No Comments
WatchGuard Security Week in Review in Writing (Oct.3, 2014)

iOS Trojan, BadUSB PoC, and Gamer Hackers Charged Normally, I post a weekly video that summarizes the three biggest information and network security stories every Friday. However, due to a busy travel

Read more

 0
September 26 , 2014 | Posted by Nachreiner | 3 Comments
Shellshock – WSWiR Episode 123

Serious Bash Flaw affects *nix, Mac OS X, and IoT Normally, my weekly video covers a number of important information and network security stories, in order to keep you informed

Read more

 0
September 25 , 2014 | Posted by WatchGuard | 1 Comment
Bash or “Shellshock” vulnerability

Summary News is breaking about a major new high severity vulnerability, CVE-2014-6271, with widespread impact. Gnu Bourne again shell (Bash) is a UNIX like command shell that is included in most

Read more

 0
September 19 , 2014 | Posted by Nachreiner | No Comments
Printer Doom Hack – WSWiR Episode 122

Apple Patches, Kindle XSS, and Doom Printer Hack If you want to stay current with the Internet “threatscape,” our weekly video can help. It summarizes each week’s top information and network

Read more

 0
September 14 , 2014 | Posted by Nachreiner | No Comments
Old Gmail Leak – WSWiR Episode 121

Patch Day, Home Depot Update, and Gmail Leak Why go searching for all the week’s information security (infosec) news when you can find it in one convenient place. This weekly

Read more

 0
September 13 , 2014 | Posted by Nachreiner | No Comments
Adobe Patches Flash but Delays Reader Update

Summary: This vulnerability affects: Adobe Flash Player running on all platforms and Adobe Air How an attacker exploits it: By enticing users to visit a website containing malicious Flash content Impact:

Read more

 0
September 10 , 2014 | Posted by Nachreiner | 1 Comment
Windows 8.x and Server 2012 Suffer From Local EoP Vulnerability

Severity: Medium Summary: These vulnerabilities affect: Windows 8.x, Server 2012, and RT How an attacker exploits it: By running a specially crafted application Impact: A local low privileged attacker can gain SYSTEM privileges

Read more

 0
September 10 , 2014 | Posted by Nachreiner | No Comments
Microsoft Corrects Lync Server and .NET Framework DoS Flaws

Severity: Medium Summary: These vulnerabilities affect: Lync Server and .NET Framework How an attacker exploits them: Various, including by sending maliciously crafted packets or launching specially crafted calls Impact: An attacker could slow down or

Read more

 0
September 10 , 2014 | Posted by Nachreiner | 2 Comments
Mega IE Update Corrects 37 Vulnerabilities; Including Zero Day

Summary: These vulnerabilities affect: All current versions of Internet Explorer How an attacker exploits it: By enticing one of your users to visit a web page containing malicious content Impact: Various,

Read more

 0
September 10 , 2014 | Posted by Nachreiner | 2 Comments
Microsoft Black Tuesday: Windows, IE, Lync, and .NET Patches

As you may know, today was Microsoft Patch Day. If you manage a Windows-based network, it’s time to get the latest updates. According to Microsoft’s summary post, the Redmond-based software

Read more

 0