Security

HTTPS Everywhere: Deep Dive Into Making the Switch

Submitted by Sam Moore on Mon, 03/06/2017 - 21:00

HTTPS image

Not only are some browsers now throwing flares when forms are presented without encryption, but Google is starting to notice as well.
Bottom line - it's time to get a cert and make your site work over encrypted connections.

Here's a detailed article that will take you through the steps required to get HTTPS working on your site(s).

https://www.lullabot.com/articles/https-everywhere-deep-dive-into-making-the-switch

 

Hacker News: Thousands of websites still vulnerable to Heartbleed

Submitted by Sam Moore on Mon, 01/23/2017 - 12:03

Hacker news logo

It takes roughly three steps to remediate the Heartbleed bug.
 

  1. Patching: Update your software to the latest versions of OpenSSL; thankfully almost all organization have accomplished this step.
  2. Creation of New Private Keys: Creating new private keys will prevent an attacker, who already exploited the flaw before patching, from being able to spy on your encrypted.
  3. Reissuance of Security Certificates: This step will eliminate the ability of any attacker to spoof organizations and fool or phish their customers.

http://thehackernews.com/2017/01/heartbleed-openssl-vulnerability.html

Krebs: $3-5M in Ad Fraud Daily from ‘Methbot’

Submitted by Sam Moore on Thu, 12/22/2016 - 10:57

As usual, Krebs has a much more detailed exigesis of how this thing actually works.

New research suggests that an elaborate cybercrime ring is responsible for stealing between $3 million and $5 million worth of revenue from online publishers and video advertising networks each day. Experts say the scam relies on a vast network of cloaked Internet addresses, rented data centers, phony Web sites and fake users made to look like real people watching short ad segments online.

https://krebsonsecurity.com/2016/12/report-3-5m-in-ad-fraud-daily-from-methbot/

Hacker News: Yahoo Admits 1 Billion Accounts Compromised in Newly Discovered Data Breach

Submitted by Sam Moore on Thu, 12/15/2016 - 10:41

And in other news, Yahoo is still in business...
Seriously, who has a Yahoo account?

 

The data breach officially disclosed on Wednesday actually occurred in 2013 and, just like the one in 2014, allowed the cyber crooks to obtain personal information of its users but not credit card details.

 

http://thehackernews.com/2016/12/yahoo-data-breach-billion.html

Krebs: New Critical Fixes for Flash, MS Windows

Submitted by Sam Moore on Wed, 12/14/2016 - 15:27

Please please please for the love of all that's good, stop using Flash.
And don't get me started on Windows.

According to analysis released this month by Recorded Future, Adobe Flash vulnerabilities provided six of the top 10 vulnerabilities used by exploit kits in 2016. Exploit kits are automated tools that criminals stitch into the fabric of hacked or malicious Web sites, so that visitors who visit one of these sites with an outdated version of Flash in their browser can have malware silently installed. 

https://krebsonsecurity.com/2016/12/new-critical-fixes-for-flash-ms-windows/

Hacker News: Stop Using these 2 Easily Hackable Netgear Router Models

Submitted by Sam Moore on Sat, 12/10/2016 - 19:03

Carnegie Mellon's Computer Emerency Response Team (CERT) warns

Netgear's R7000 and R6400 routers, running current and latest versions of firmware, are vulnerable to arbitrary command injection attacks, though the number of users affected by the flaw is still unclear.

http://thehackernews.com/2016/12/netgear-router-hacking.html

Hacker News: This Ransomware Unlocks Your Files For Free If You Infect Others

Submitted by Sam Moore on Fri, 12/09/2016 - 10:47

Multi-level marketing comes to ransomware.

...to get their important files back, Popcorn Time gives victims option to pay a ransom to the cyber criminal or infect two other people and have them pay the ransom to get a free decryption key.

http://thehackernews.com/2016/12/ransomware-malware.html

Analytics Toolkit: Future-Proofing Against Google Analytics Spam

Submitted by Sam Moore on Mon, 12/05/2016 - 21:26

If you're seeing this in your Analytics reports,

“Secret.ɢoogle.com You are invited! Enter only with this ticket URL. Copy it. Vote for Trump!”

and are sufficiently technical to do something about it, here's a great article on how to proceed.

http://blog.analytics-toolkit.com/2016/future-proofing-your-ga-vs-google-analytics-spam/