content top

Shell Shock bug affecting Unix, Linux and Mac OSX computers and servers

Shell Shock bug affecting Unix, Linux and Mac OSX computers and servers

A new bug has been found in the widely used BASH command interpreter used on many Linux and OSX systems.  This effectively puts at risk of being hacked many servers, PCs, Mac OSX systems, routers, websites and anything that uses the BASH command interpreter.  The vulnerability can be found in versions up to and including 4.3 and was discovered by Stephane Chazelas. According to the NIST vulnerability database, which rates the flaw 10 out...

Read More

Home Depot continues investigation

Home Depot continues investigation

Home Depot is continuing their investigation into the possible security breach, and have since also brought the Secret Service into the investigation.  Brian Krebs found an interesting correlation between new cards being place online for sale recently with the location of Home Depot stores across the nation.  The new credit cards are listed by region and zip code, as the thieves that purchase these cards know in order to stay under the...

Read More

Home Depot investigates possible breach

Home Depot investigates possible breach

Home Depot has been investigating a possible breach to their systems in which customers credit cards would have been compromised.  Brian Krebs reported on this on his site, where he stated, “Multiple banks say they are seeing evidence that Home Depot stores may be the source of a massive new batch of stolen credit and debit cards that went on sale this morning in the cybercrime underground.”  Home Depot is currently investing...

Read More

Microsoft recalls MS14-045

Microsoft recalls MS14-045

Microsoft has recalled the Security patch MS14-045 that was originally released on August 12th, and again revised on August 15th.  The security patch addresses vulnerabilities in Kernel-Mode Drivers that could allow elevation of privileges.  The original update was being reported to cause issues on systems after installing the patch, such as a BSOD.  Microsoft has corrected the problem and the patch was released again on August 27th. ...

Read More

OpenSSL Security Advisory

OpenSSL Security Advisory

OpenSSL has released a Security Advisory and released an update that will patch nine vulnerabilities.  These include issues that would allow an attacker to cause a Denial of Service (DoS) or force the client to revert to a less secure Transport Layer Security (TLS) 1.0 Protocol.  The following updates are available from OpenSSL:    OpenSSL 0.9.8 users should upgrade to 0.9.8zb    OpenSSL 1.0.0 users should upgrade to 1.0.0n    OpenSSL...

Read More

CISSP Studies

CISSP Studies

It has been a while since my last post.  With moving to a new home most of my extra time has been filled up with packing, unpacking, painting, fixing, and moving.  Everything is starting to settle down and I am looking to focus more on security related topics once again.  My employer suggested that I start studying up on the CISSP, so I purchase the official text book on my iPad so I could start reading up on the topics.  The book is 1700...

Read More
content top