content top

OpenSSL Security Advisory

OpenSSL Security Advisory

OpenSSL has released a Security Advisory and released an update that will patch nine vulnerabilities.  These include issues that would allow an attacker to cause a Denial of Service (DoS) or force the client to revert to a less secure Transport Layer Security (TLS) 1.0 Protocol.  The following updates are available from OpenSSL:    OpenSSL 0.9.8 users should upgrade to 0.9.8zb    OpenSSL 1.0.0 users should upgrade to 1.0.0n    OpenSSL...

Read More

CISSP Studies

CISSP Studies

It has been a while since my last post.  With moving to a new home most of my extra time has been filled up with packing, unpacking, painting, fixing, and moving.  Everything is starting to settle down and I am looking to focus more on security related topics once again.  My employer suggested that I start studying up on the CISSP, so I purchase the official text book on my iPad so I could start reading up on the topics.  The book is 1700...

Read More

Microsoft Security Advisory 2974294

Microsoft Security Advisory 2974294

Microsoft announced a security advisory for the Microsoft Malware Protection Engine on June 17, 2014.  Microsoft states that, “the vulnerability could allow denial of service if the Microsoft Malware Protection Engine scans a specially crafted file. An attacker who successfully exploited this vulnerability could prevent the Microsoft Malware Protection Engine from monitoring affected systems until the specially crafted file is...

Read More

Adobe Security Update

Adobe Security Update

Adobe has announced a new security release for Adobe Flash Player 13.0.0.214 and earlier versions for Windows and Mac.  Adobe Flash Player 11.2.202.359 and earlier version for the Linux platform.  The update addresses various vulnerabilities that could allow an attacker to take control of the system. It is recommended that you update your Adobe Flash player as soon as possible to avoid any potential security issues. The following updates...

Read More

OpenSSL Security Advisory

OpenSSL Security Advisory

The OpenSSL team has issued a security advisory on June 05, 2014 identifying seven vulnerabilities.  Out of those seven the key one to look into is the SSL/TLS MITM vulnerability (CVE-2014-0224). The OpenSSL team state, “An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL/TLS clients and servers.  This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt...

Read More
content top