Heartbleed – on the mend

Internet Storm Center

says Heartbleed around the net is slowly being patched.

How do they know that?  Well, in case you are not a programmatic person…

One can easily scan the Internet to find out what is going on, and that is exactly what the bad guys are doing all the time.

They know when a system is not patched.  Because they are scanning systems.


We recommend that you also scan your systems to find out what is going on   (A – Σ – Ω)

We have 3 scanning solutions on our Solutions page.

Check a website before changing your password

Use LastPass check which allows the user to test a website to know whether it has updated the openssl technology.

Some site do not have this type, and may not matter, and others may have openssl and have patched.

But yet others may not be aware of this vulnerability… and if that is the case you can assume a hacker may be able to capture your password  even though your lock is on the browser.


this vulnerability means the gold lock is not working for some websites out there.

New OpenSSL exploit found (CVE-2014-0160)- called Heart Bleed

Many vendors have put out statements  for OpenSSL vulnerability (CVE-2014-0160):

This is a vulnerability in the encryption technology (OpenSSL) on websites and other systems. If you cannot safely access websites with encryption technologies it is a bad day on the Internet

isc  has a full list – list is increasing:

But most interesting (to me) is Cisco, Redhat and Checkpoint, as they are the lifeblood of Internet

Cisco – http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed

CheckPoint – https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk100173

Redhat – https://access.redhat.com/security/cve/CVE-2014-0160


Do your systems have this vulnerability?   we can scan and find out for you.  There are specific tools being developed by the hackers and good guys so as to attack/patch effectively.

We test and audit your environment to make you safer    (A – Σ – Ω)

Some ports are used by viruses and legitimate uses Port 6789 is one

Port 6789 according to Speedguide.net the port can be used by a Netsky worm variant, but is also used by the Sun cluster manager.

In fact that is how the worm replicates itself across the Internet, by using the Java software on the cluster manager software (smc-https  or Solaris Management console).


Many ports are thus always attempted to be used by viruses and hackers, it is important to continually be vigilant, and cut down on the possibility of hacking attempts.

review your systems with our products (A – Σ – Ω) and protect your computers and network.

Protecting your network is not going to be easy.

New Public Breach at sally Beauty Supply

bankinfosecurity has the information


The initial reports were that it was a data breach, but no credit card data was stolen, but 11 days later it looks as many as 25,000 records were exposed and stolen

Sally Beauty Supply operates approximately 500 stores worldwide and had $3.6 billion in sales in 2013.


As usual this may take some time to fully develop.  Always check your credit card statements for fraudulent activity.