Tag Archives: patch

Critical BIND DoS – Daily Security Byte EP.121

The most popular DNS server on the market, BIND, suffers from a new denial of service (DoS) vulnerability that’s trivial to exploit. Watch today’s episode to learn what to do.

(Episode Runtime: 1:21)

Direct YouTube Link: https://www.youtube.com/watch?v=ZxsRs9Ll2-g

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

July Patch Avalanche – Daily Security Byte EP.114

This Patch Tuesday, Adobe and Oracle shared the spotlight with Microsoft, releasing updates for well over 200 vulnerabilities. Furthermore, the patches included fixes for flaws leaked during The Hacking Team fiasco. Watch today’s video for details, and be sure to update as soon as you can.

Show Note: Due to continued travel, there will likely be no video on Thursday, though I will return with one on Friday. I’ll probably skip the weekly video this time due to the light week.

(Episode Runtime: 2:21)

Direct YouTube Link: https://www.youtube.com/watch?v=aoLhMVu4zzI

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Hacked Team Flash ’Sploit Patched – Daily Security Byte EP.112

Among all the embarrassing stolen data from The Hacking Team breach was a serious Adobe Flash zero day vulnerability, which is now in the hands of any blackhat criminal who knows how to use Google. If you don’t want cyber criminals exploiting this flaw against you, watch today’s video to learn what you can do.

(Episode Runtime: 1:47)

Direct YouTube Link: https://www.youtube.com/watch?v=05Vgkg9l-1M

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

June Apple Patch Day – Daily Security Byte EP.107

If you use Apple productson Mac or PCknow that today is Apple Patch Day. The popular software company released six security advisories (originally five, but they had a late breaking advisory) fixing many security flaws in most of their most popular products. Watch today’s video to learn which products are affected, and what you should patch (or check the Reference section for a link to the page with all the details).

As an aside: Sorry about the bad links yesterday, and thanks for those that informed me. If you go to the blog, the link for yesterday’s video is corrected there.

(Episode Runtime: 1:24)

Direct YouTube Link: https://www.youtube.com/watch?v=KwyHlFUPga4

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Spam Spreads 0day Flash Exploit – Daily Security Byte EP.102

Adobe released an emergency patch today to fix a zero day Flash vulnerability, which a security company found attackers exploiting in the wild. Watch today’s short video to learn how these alleged Chinese attackers delivered this exploit, and what you can do to protect yourself from it.

(Episode Runtime: 2:31)

Direct YouTube Link: https://www.youtube.com/watch?v=mSXb6N1k-ok

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Lenovo Security Fail – Daily Security Byte EP.78

A few months ago, some of Lenovo’s preinstalled adware got them into security hot water. Looks like their pre-installed software has struck again. Watch today’s video to learn about the latest Lenovo vulnerabilities and what you can do about them.

 

(Episode Runtime: 1:54)

Direct YouTube Link: https://www.youtube.com/watch?v=2jU2b42iVY4

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

0Day WordPress XSS – Daily Security Byte EP.71

A really, really long comment could allow an attacker to hijack your WordPress blog. Watch today’s quick video to learn about the zero day XSS flaw reported by a Finnish security researcher, and what you can do about it.

 

(Episode Runtime: 1:48)

Direct YouTube Link: https://www.youtube.com/watch?v=H2XR2tnm0yQ

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Cisco Routers Need Patching – Daily Security Byte EP.54

This week, Cisco released an advisory telling IOS device users to patch. The latest IOS update fixes three vulnerabilities, which specifically affect administrators who use Cisco’s Autonomic Networking Infrastructure (ANI). Watch today’s video to learn more about these flaws, especially if you have ANI enabled.

 

(Episode Runtime: 1:21)

Direct YouTube Link: https://www.youtube.com/watch?v=PMOESrmT8qU

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

OpenSSL DoS – Daily Security Byte EP.48

This week the information security (InfoSec) community was abuzz about an upcoming critical OpenSSL update. Would it fix the next FREAK or Heartbleed? Nope. It was much less severe than expected. Nonetheless, watch today’s video to learn how quickly you should patch.

 

(Episode Runtime: 1:55)

Direct YouTube Link: https://www.youtube.com/watch?v=UkehIk0KDaw

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

#OpKKK – WSWiR Episode 130

Emergency Windows Patch, Malware Vs. Passwords, and #OpKKK

Nowadays, researchers, hackers, and the media bombard us with tons of information security (InfoSec) news each week. There’s so much, it’s hard to keep upespecially when it’s not your primary job. However, I believe everyone needs to be aware of the latest InfoSec threats. If you want to protect your network, follow our weekly video so I can quickly get you up to speed every Friday.

Today’s episode covers a critical out-of-cycle Microsoft patch, talks about the latest updates to a nasty piece of mobile malware, and explores the ethical issues surrounding a recent Anonymous attack campaign, Operation KKK. Press play for the details, and see the references below for more stories.

As an aside, after shooting this week’s video, I learned attackers may have stolen a bunch of passwords from many popular online services. It may be a hoax, but if you use Windows Live, PSN, or 2K Games, you should probably change you password… just to be safe. Have a great weekend!

(Episode Runtime: 10:44)

Direct YouTube Link: https://www.youtube.com/watch?v=XUsqxsHvVZc

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

Follow

Get every new post delivered to your Inbox.

Join 7,999 other followers

%d bloggers like this: