Microsoft releases an advisory and fix-it tool to disable SSL3 in Internet Explorer, recommends SSL 3 is disabled on all systems. It appears they are also disabling SSL3 on all their hosted internet services. I recommend we all do likewise.
If you subscribe to the InfoSecNews mailing list, as I have for several years, you know they provide valuable content. If you don’t, wander over…
FFTF’s Net neutrality campaign against big media appears to be paying off – according to them. As a collective group, we “The Internet” have fought off corporate mongers before. Can we do it again and permanently institute fair bandwidth allocation for all? Can we prevent big media from buying their way into first place across the internet, forcing everyone else into the background?
After a long hiatus, I’m finally going to post a blog entry! Yeah me!
Just when you were running around looking for something…ANYTHING…to do, three major IT vendors release a crapton of patches.
Just came across the new zero-day in Windows which affects all versions. The patch should be available today under MS14-060, but I haven’t seen it yet to link it. It’s also not showing in WSUS.
Boredom and too many “junk” computers scattered around my home finally congealed into a small-scale IDS system. I’ve been toying with the idea of setting up Suricata to see how it compares to Snort, but I wanted to prototype a scalable multi-node system. I’ve done this in the past, but it’s been several years and ran Snort/Barnyard/ACID. So this isn’t a new idea, but I’m thinking about scaling out more with SSH-tunnels between multiple “scanners” and the “mothership.” Long-term the nodes would be all-in-one, low footprint plug-and-play units.
Nessus just released a plugin to scan for the lastest Cisco ASA vulnerabilities. I haven’t yet heard of any IDS rules for this. I also…
Looks like cybercrooks planted malware on Dairy Queen and Kmart’s point of sale systems. Kmart customers are at risk of having their cards clone, but…
Microsoft release the advanced notification today for October 2014, which includes three critical vulnerabilities for Windows, Internet Explorer and .NET. Other patches for Microsoft Office…
