If you want to be the best woodchopper, you need to sometimes sharpen your tools. In information security, this mean keeping track of the latest threats, vulnerabilities, attack methods, and news. Yet, most IT folks barely have the time to go home and sleep. If you struggle to follow security news yourself, my weekly video summarizes the big stuff for you. In this week's … [Read more...]
Paranoia 2014 – WSWiR Episode 100
Word 0day, Cisco DoS, and Bricked Androids My weekly InfoSec summary arrives bit late this time due to business travel. Last week, I spoke at Watchcom's Paranoia conference in Oslo Norway, so I couldn't post my security news summary until the weekend. Nonetheless, why not start your week off by quickly catching up on last week's news. This week's episode includes a quick … [Read more...]
Cisco Patch Day: Multiple DoS Flaws in IOS
As part of their semiannual patch day, Cisco released seven security advisories describing different Denial of Service (DoS) vulnerabilities affecting the IOS software that primarily ships with their routers. The seven flaws differ technically, and lie within various IOS components, including NAT, IKE, RSVP, etc. However, most of them share the same essential scope and impact. … [Read more...]
Cisco Cooks Up Bad Passwords by Forgetting to Salt Their Hashes
Earlier this week, Cisco released a security alert describing a weakness in one of the password encryption algorithms they use on certain Cisco IOS and IOS XE devices. Devices that store user credentials tend to use hash algorithms to encrypt plaintext passwords, making it more difficult for attackers to recover those passwords if they somehow gain access t0 the hashed … [Read more...]
WatchGuard Security Week in Review: Episode 20
Flame APT, iOS Security, and Cisco IOS XR Update This week's security summary video comes from Cascais Portugal, where I'm attending a WatchGuard partner conference, which is also why I'm posting the episode a little late. The biggest story of the week has to do with a new APT-class attack called Flame, which affects targeted Middle Eastern organizations. However, the episode … [Read more...]