Just recently I wrote about how a software developer, who is security-aware, was spear-phished and almost fell victim to a Firefox 0-day exploit. Fortunately for him, he was using Google Chrome and not Firefox. Follow that link for more details about that story, but what both that story and this story share in common is a security checklist that both parties … [Read more...]
[2x Security Vulnerabilities] Google Chrome and Windows
In a Tweet by Justin Schuh posted on Twitter on March 5th, he wrote “Also, seriously, update your Chrome installs… like right this minute. #PSA.” Justin is a leading security & desktop engineer for Google Chrome. Within that Tweet is this link, leading to a blog post from the Chrome team written on Friday, March 1st that states a stable channel update was release (version … [Read more...]
Critical Cisco VPN Router Flaw – Security Byte
Recently, Cisco released a software update for a critical vulnerability in their Wireless-N VPN Routers. If you expose the management page remotely, an attacker can totally take over your router with a single web query. Researchers disclosed the flaw to Cisco six months ago and they just patched it last week. If you're a Cisco customer that uses this particular router, watch … [Read more...]
Exploit Kit Vulnerability Exposes C2s – Security Byte
Cobalt Strike is an exploit kit, similar to Metasploit but slightly less popular. Months ago, the researchers at Fox-IT noticed that a vulnerability in the exploit kit’s web server allowed them to track malicious command and control (C2) servers. In today’s video, learn more about the vulnerability in this semi-popular exploit kit, and how it allowed researchers to find and … [Read more...]
WinRAR Exploited in the Wild – Security Byte
WinRar, a popular compression program, suffered from a critical vulnerability that allows at attacker to execute code on your computer if you open a malicious archive file. Worse yet, attackers are exploiting this flaw in the wild, both in China and the Middle East. Watch the video below to learn about this new vulnerability and attack so that you don’t fall for a malicious RAR … [Read more...]