US-CERT (Computer Emergeny Readyness Team) reminds us that Support is ending soon(July 14, 2015). Microsoft says there are 24 million instances still running 2003 server. It is time to upgrade, for those of you still running Windows Server 2003, or at least put in a plan to replace the system with a 2012 machine by … Read more
Garwarner Blog post reveals some details of various posts on the Internet that discuss the paper written by Google and other University of San Diego residents Here is the Abstract: “Online accounts are inherently valuable resources—both for the data they contain and the reputation they accrue over time. Unsurprisingly, this value drives criminals to steal, … Read more
Patch Tuesday has passed, but the ramifications have not. All over sysadmins are deciding what patches to apply and when. Here is the report of what is happening: https://support.microsoft.com/kb/2992611 MS14-066 Schannel vulnerability is a bad remote code execution bug (must be patched) Internet Storm Center recommends this is a patch now kind of … Read more
Microsoft Security research and Defense Blog has the scoop: Also Internet Storm center Post “If you are using Internet Explorer 11, either on Windows 7 or Windows 8.1, and have deployed EMET 5.0, it is particularly important to install EMET 5.1 as compatibility issues were discovered with the November Internet Explorer security update and the … Read more
I am going to list various events and their lessons that we “should” learn from(my weekend reading): Home Depot hack from KrebsonSecurity Nov7 post: 56 million emails were harvested as well as the 53 million credit card numbers. “Home Depot said the crooks initially broke in using credentials stolen from a third-party vendor. The company … Read more
