Let's Encrypt is an organization that wants to help encrypt the web by offering CA validated SSL/TLS certificates for free. Unfortunately, attackers can also benefit from easy encryption. I support HTTPS everywhere, but you need to plan a way to secure your HTTPS traffic. Watch today's episode to learn how malvertisers are exploiting easy encryption to hide, and how you can … [Read more...]
UPnP Flaw Helps Pop IoT – Daily Security Byte EP. 186
One of WatchGuard's partners, Trend Micro, found that many devices are still using an older version of a common Universal Plug-n-Play (UPnP) library that suffers from a very serious vulnerability. This new research is very similar HD Moore's UPnP disclosures a few years ago; the difference being Trend Micro specifically found the issue affecting many Internet of Things (IoT) … [Read more...]
Flash 0day Surfaces – Daily Security Byte EP.159
Adobe just released a new Flash update Tuesday, but researchers have already found sophisticated threat actors leveraging a new zero day Flash exploit in the wild. Trend Micro, one of our security partners, found the Pawn Storm attackers leveraging this new Flash exploit. Watch today's video to learn when the next patch will come out, and what to do in the meantime. UPDATE: … [Read more...]
MalumPOS Targets Oracle MICROS – Daily Security Byte EP.93
If you work at a restaurant, hospitality service, or retailer—or you help support the IT needs of such organizations—you should be on the look out for Point-of-Sale (POS) malware. Today's daily security video covers a new POS malware variant called MalumPOS, which targets Oracle MICROS POS systems. Watch it to learn how to protect yourself. (Episode Runtime: 1:58) Direct … [Read more...]