IT Security work seems like we are in “Groundhog Day” the movie

You know the movie which makes Phil(Bill Murray) relive the same day until he gets it right.  http://www.imdb.com/title/tt0107048/ I asked Google how many days are in the movie “Groundhog Day”?   8 years, 8 months and 16 days, the director said 10 years.   IT security is just like that except it should be called … Read more

I Want My Internet 24/7- HACKERS KNOW THAT

Yes, we realize that everyone wants to Google something whenever you need to look up something. Our Website must be up all the time. Email has to work. YouTube watching, surfing the Internet – it is our right to go wherever we want. Visit Government websites when needed. Watch Netflix, and all our News channels … Read more

Must Patch Microsoft MS015-034 ASAP

Tuesday the patch was released: Here is where it started CVE-2015-1635  Description: HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka “HTTP.sys Remote Code Execution Vulnerability.” the vulnerability was created 20150217 MS:MS15-034 http://technet.microsoft.com/security/bulletin/MS15-034 … Read more

Forever Day Vulnerability Affects All Windows Versions

Forever Day is a play on the “Zero-day” vulnerability which means the application vulnerability has not been patched and can be hacked. Forever-day now means it is always vulnerable (unless the software vendors figure out a patch), although it may be a configuration problem.   Dark reading has the story: http://www.darkreading.com/endpoint/new-security-flaw-spans-all-versions-of-windows/d/d-id/1319884 The most interesting paragraph: … Read more

Fake Apps Fooling Thousands

It is worthwhile to discuss Fake apps: http://www.hotforsecurity.com/blog/dont-be-fooled-bitdefender-anti-prank-tool-does-not-exist-11664.html There are “fake” apps which claim to be anti-virus or other legitimate apps (like games) but in reality are stealing your information on your phones and computers. Example: Guardian story Here is a Criminal developer boasting(on a discussion board) about creating the fake Flappybird app which steals … Read more