Patch Tuesday has passed, but the ramifications have not. All over sysadmins are deciding what patches to apply and when. Here is the report of what is happening: https://support.microsoft.com/kb/2992611 MS14-066 Schannel vulnerability is a bad remote code execution bug (must be patched) Internet Storm Center recommends this is a patch now kind of … Read more
Microsoft Security research and Defense Blog has the scoop: Also Internet Storm center Post “If you are using Internet Explorer 11, either on Windows 7 or Windows 8.1, and have deployed EMET 5.0, it is particularly important to install EMET 5.1 as compatibility issues were discovered with the November Internet Explorer security update and the … Read more
I am going to list various events and their lessons that we “should” learn from(my weekend reading): Home Depot hack from KrebsonSecurity Nov7 post: 56 million emails were harvested as well as the 53 million credit card numbers. “Home Depot said the crooks initially broke in using credentials stolen from a third-party vendor. The company … Read more
Palo Alto Networks has found a Mac malware targeting the OS and iOS systems. It is only thte second known malware family. It is the first known malware to automate generation of malicious iOS apps. It is the first to install in-the-wild malware on non-jail-broken iOS devices through enterprise And the following is the most … Read more
The conclusion of The July 2014 Insurance Industry Working Session: from the USDA.gov page Ok, I admit the conference did not talk about Smokey the Bear for cyberspace very much if at all. Specifically: “The Federal government may be in the best position to drive awareness and education about cyber risk and, by extension, … Read more
