RedHat still vulnerable to Bash shellcode

RedHat customer portal Red Hat has become aware that the patch for CVE-2014-6271 is incomplete. An attacker can provide specially-crafted environment variables containing arbitrary commands that will be executed on vulnerable systems under certain conditions. The new issue has been assigned CVE-2014-7169. This issue (CVE 2014-6271) has not been resolved on RedHat Operating systems (i.e. no … Read more

Nmap an excellent tool for scanning

nmap.org  has some info, but we also review sites with insight into scanning.    Nmap is short for Network Mapper. Ethical hacking – Penetration Testing  By Bhargav Tandel Nix Craft  also a good site about nmap insights  NixCraft is an online community of new and seasoned Linux / Unix sysadmins who want to make the … Read more

What happened to JP Morgan hack of 76 mil accounts?

Wall street Journal has the story behind their paywall. In mid-June hackers attacked and gained access to servers and data. 2 months go by and JPMorgan defense does not know anything,  the hackers steal 76 million accounts and use JP Morgan servers. In mid August is when the cybersecurity teams actually find the problems and … Read more

tryal.ru aldgames.ru probed this site yesterday

it looks like www.oversitesentry got probed yesterday over 46506 hits. (normal is in the thousands or hundreds, not tens of thousands.  and it all originated from ‘tryal.ru’ I suspect it is a malware intrusion attempt, or a serious probe for passwords or something. I check my logs regularly, so I noticed this was very unusual not … Read more

ComputerCop is insecure and can give info to hackers

There is a program that some law enforcement agencies  have given to families across the country It is called ComputerCOP.  The EFF (Electronic Frontier Foundation) has reviewed and analyzed the program, and unfortunately it consists of a keylogger and transmits data unencrypted across the Internet. if someone enters a credit card or password username combinations, then … Read more