A curious netizen found more than he expected while checking out his D-link webcam's firmware. Learn how D-link accidentally leaked some sensitive digital keys, and what that means to the world at large. (Episode Runtime: 3:24) Direct YouTube Link: https://www.youtube.com/watch?v=gIUwVfKMu5k EPISODE REFERENCES: Original post about leaked D-link keys on Dutch … [Read more...]
Cryptography Logjam – Daily Security Byte EP.86
Are you getting sick of SSL/TLS and other cryptography related vulnerabilities? I sure am! Nonetheless, we need to keep on top of them in order to keep our communications private. In today's daily video I cover Logjam, a new named vulnerability having to do with the Diffie-Hellman key negotiation. Watch the video to learn which of your systems might be affected, and more … [Read more...]
FREAK affects Windows – Daily Security Byte EP.39
I warned you about the FREAK SSL vulnerability on Tuesday. It turns out it affects Windows too. Learn how to mitigate the issue, and get an update on how WatchGuard's products are affected in the video below. (Episode Runtime: 1:56) Direct YouTube Link: https://www.youtube.com/watch?v=JZNdJfMZnik EPISODE REFERENCES: FREAK affects Windows too - Microsoft Advisory — Corey … [Read more...]
Don’t FREAK Out – Daily Security Byte EP.36
I'm going to freak out if I hear about another security vulnerability in SSL.... Too late! Watch today's episode to see whether or not you should freak about the FREAK SSL flaw. (Episode Runtime: 2:17) Direct YouTube Link: https://www.youtube.com/watch?v=ps3a7U0TOvo WatchGuard customers might be curious if our products are affected by FREAK. Probably not! As far as our … [Read more...]
How to Neuter POODLE (New SSL Vulnerability)
Surprise, surprise... Researcher's have found yet another OpenSSL vulnerability. They've named this one POODLE. Silly name, I know, but at least it stands for something—Padding Oracle On Downgraded Legacy Encryption. In short, POODLE is a protocol level cryptography flaw in Secure Sockets Layer version 3 (SSLv3), which is one of the many encryption protocols available … [Read more...]