Match.com is inadvertently exposing its user's passwords to snooping hackers. Learn what they did wrong, and how you can avoid it in today's Daily Security Byte video. (Episode Runtime: 2:26) Direct YouTube Link: https://www.youtube.com/watch?v=2tAfNx47AMo EPISODE REFERENCES: Reporter demonstrates clear text login for Match.com - Ars Technica Twitter users tips Ars … [Read more...]
China’s Great Cannon – Daily Security Byte EP.65
Two weeks ago experts blamed China for a DDoS attack against Github. This week, researchers describe the Great Cannon tool that China allegedly uses for these sorts of attacks. Press play to learn more, and to hear how I think we should combat this threat. (Episode Runtime: 2:30) Direct YouTube Link: https://www.youtube.com/watch?v=stx9IRTcUBo EPISODE REFERENCES: Citizen … [Read more...]
Google vs. CNNIC – Daily Security Byte EP.58
Google has discovered unauthorized digital certificates being used in a SSL man-in-the-middle attacks in Egypt. They tracked the certs to CNNIC and decided to remove the popular Chinese certificate authority from Chrome's trust chain. Watch the video for more details. (Episode Runtime: 2:37) Direct YouTube Link: https://www.youtube.com/watch?v=hKUs-kLKa50 EPISODE … [Read more...]
Should WatchGuard Customer's FREAK Out About SSL?
Last Tuesday, my Daily Security Byte video covered a new vulnerability that affected certain implementations of SSL; specifically ones that still use RSA's export cipher suite (RSA_EXPORT). Back in the day (1992 - 2000), the United States of America restricted the export of strong encryption to certain countries for political reasons. That meant encryption products, such as … [Read more...]
FREAK affects Windows – Daily Security Byte EP.39
I warned you about the FREAK SSL vulnerability on Tuesday. It turns out it affects Windows too. Learn how to mitigate the issue, and get an update on how WatchGuard's products are affected in the video below. (Episode Runtime: 1:56) Direct YouTube Link: https://www.youtube.com/watch?v=JZNdJfMZnik EPISODE REFERENCES: FREAK affects Windows too - Microsoft Advisory — Corey … [Read more...]