The recently added BugSec blog¹ on Security News Analyzed page at #30 is the source. Apparently there are several NGFW (Next generation FireWalls) systems that allow the initial handshake to occur no matter the destination, including to destinations we would want to deny. It is good to point out, that an actual connection is not … Read more
What is your weakest point in your security(People, Process & Technology)? Safe to say that people are the weakest link. And by that I mean social engineering your workforce to either click on something they should not, or do something like give out too much information (yes my boss is on vacation right now). Email … Read more
Are you considering buying a SmartTV for the office? Here is Symantec’s Blogpost discussing a Smart TV infection: (Symantec Blog is #26 on our Security News Analyzed page) http://www.symantec.com/connect/blogs/how-my-tv-got-infected-ransomware-and-what-you-can-learn-it Now your TV can get infected with Ransomware as well. What Operating Systems can a smartTV have? Tizen, WebOS 2.0, Firefox OS, or Android … Read more
Foxglovesecurity has found a problem in Java(From 11/6): http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/ And the interesting thing is that Oracle is trying to sell their products and services to everyone as cloud Applications. What you don’t know is that there is no patch for a Java Library containing a vulnerability that has code to hack it for 9 … Read more
It is an interesting document from the stateoftheinternet.com https://www.stateoftheinternet.com/downloads/pdfs/SpamBot-Investigation-whitepaper-R3.pdf This botnet had 83,000 unique infections (which include webservers running all operating systems) And on page 6 where the researchers revealed the botnet: Using these logged responses, we found that the size of this botnet is fairly large. Over 1,400,000 (including duplicates from the c2) probe requests … Read more
