Security FUD, Black Energy, and Tor Terror Happy Halloween! The Internet "threatscape" has changed drastically over the past few years, with many more cyber security incidents each year and tons of information security (infosec) news in the headlines. Can you keep up? If not, maybe my weekly infosec video will help. In today's quick update, I rant a bit about infosec … [Read more...]
Cryptowall Malvertising – WSWiR Episode 126
Windows 0day, iCloud MitM, and Cryptowall Rises You're a busy IT guy that barely has time to brush your teeth before running off to work, so who has time to follow security news too? Does this sound like you? If so, let our short weekly video inform you of the most important security news in the time it takes you to enjoy your first cup of coffee. Today's episode covers … [Read more...]
POODLE Bites SSL – WSWiR Episode 125
October Patch Bonanze, Leaky Apps, and POODLE Cyber security has gone main stream, which means we're getting a lot more security news each week than we used to. This week was even busier than usual, with updates fixing hundreds and hundreds of security vulnerabilities, as well as a significant vulnerabilities in a encryption standards. If you're having trouble keeping track of … [Read more...]
How to Neuter POODLE (New SSL Vulnerability)
Surprise, surprise... Researcher's have found yet another OpenSSL vulnerability. They've named this one POODLE. Silly name, I know, but at least it stands for something—Padding Oracle On Downgraded Legacy Encryption. In short, POODLE is a protocol level cryptography flaw in Secure Sockets Layer version 3 (SSLv3), which is one of the many encryption protocols available … [Read more...]