Google is planning to put an end to SSL exploits, hopefully before they happen with Chrome

The other day I posted about the BEAST that can circumvent SSL encryption used with websites and how a proof of concept would be demonstrated soon and actual exploits in the wild even sooner. No sooner had I posted about that than Google’s Chrome development team had posted that they have an update already prepared for the Chrome browser that …

SSL encryption broken – Proof of concept demo later this week #ph33r

My first reaction to the news that read “Hackers break SSL encryption used by millions of sites – Beware of BEAST decrypting secret PayPal cookies” was, “What took ’em so long?” The article above gives all the details you can stand, and a quick search of Google for news articles will tell you everything else you want to know. The …

Old and busted – MBR viruses… New hotness – BIOS viruses (again)

This may come as no surprise to those who have been around computer security for a while, but the BIOS viruses are making a comeback! One of the first made its debut back in 1999 and was known as “CIH”.  But Symantec is reporting a new killer on the block called “Trojan.Mebromi” that affects the Award BIOS and seizes control …

Microsoft updates for Windows, Windows Server and Microsoft Office for Sept 13, 2011

Multiple vulnerabilities in MS Windows, MS Windows Server and Microsoft Office have been identified and addressed.  These should not be taken lightly as they are of a critical nature, allowing a “remote, unauthenticated attacker” the ability to gain access to your system, as well as DoS. If you require assistance applying updates to your business computers in the Greenville / …

1

Is your premise security and video surveillance all that it can be?

Here’s a sad story… A local (Spartanburg, SC) music store was broken into over the weekend and 40,000 dollars in gear was taken. The theft doesn’t look like your typical smash and grab either, because the thieve/s appear to have known the layout and went to great lengths to avoid detection. They entered through a skylight, after cutting power to …

Apple’s Mac OS X Lion poses enterprise security risks (this is not a repeat)…

Using Mac’s in your enterprise? You will want to read this article http://www.theregister.co.uk/2011/08/26/mac_osx_lion_security_hole/… This is kind of a big deal, as it underscores that Mac OS X Lion machines simply fail at LDAP, a basic part of enterprise network integration. In short, if you bring these Macs into your environment, once authenticated, they simply don’t care which password is entered, they …

Don’t trust those external portable USB hard drives with your important data!

I’ve posted this before…  External, portable, USB hard drives are convenient to store some data on, but dang it, don’t put everything on one and trust that it is forever and always going to be there for you. These devices use 2.5″ hard drives like you would find in a notebook computer, and while there is nothing wrong with those …

Trend Micro Titanium 2012 anti-virus / anti-malware now available

Trend Micro has unveiled their Titanium update for 2012! Keep your identity, data and social network protected from a new generation of threats. Staying safe online these days is about more than just avoiding malware. You have to protect your device, your privacy, your personal data, your social network, and your family against an army of new threats. Given that abandoning …

Just “deleting” a file could land you in prison #datasecurity

Alrighty, that sounded bad… Deleting a file probably won’t land you in jail unless you are doing something illegal in the first place. The idiot who attempted to extort money with a “collar bomb” was most likely caught due to leaving a message on a USB flash drive that he had deleted files from. The ONLY safe way to remove …

Your mailbox has NOT exceeded the storage limit as set by your administrator

One thing I am asked weekly is, “I just received an email alert telling me my mailbox exceeded the storage limit, why is that?”. Wellllllll, first of all, these messages, though they come in email and look all official, signed by “System Administrator” or something similar, are likely phishing attempts. If you hover over the URL listed to “re-validate” your …