Good Day For Reflection: Improve Cloud Security
It’s good to do some reflection, and this is the last Saturday of he month, so here we are. Securosis’ Rich latest post https://securosis.com/blog/summary-heads-up has a decent summary post,…
Why is Cybersecurity hard? XXE injection
Where do we start? In the beginning … well, fortunately we do not have to talk creation or evolution, let’s just go back to early 90’s when the Microsoft Windows…
Ghost: glibc vulnerability CVE2015-0235
How dangerous is it? It is an inherent Linux glibc vulnerability. RedHat is discussing it on their articles page – has the CVE number 2015-0235 https://access.redhat.com/articles/1332213 It is nicknamed “Ghost” due…
International Data Privacy Day is false observance
Yes you knew it would happen, Jan 28 is International Day of Privacy Day https://blog.mozilla.org/blog/2015/01/27/get-smart-on-international-data-privacy-day/ Of course it has many meanings from authoritative sources: http://en.wikipedia.org/wiki/January_28 or http://www.on-this-day.com/onthisday/thedays/alldays/jan28.htm this may be…
QWERTY keylogger: “Connect the Dots”
Snowden documents lead to Regin and malware. http://threatpost.com/researchers-link-regin-to-malware-disclosed-in-recent-snowden-documents/110667 The malware seems to be related to the QWERTY keylogger found in the Snowden documents. The researchers claim a connection with Regin…