Blog Archives

Month Long Brute Force Yields 21 Million Logins

A brute force attack vs. the “Chinese Ebay” revealed that 21 million users had used the same password elsewhere.

Contact Info for 20k FBI and 9k DHS Employees To Be Leaked

A hacker plans on releasing email addresses and phone numbers for a large chunk of the federal level law enforcement personnel.

Google Hangouts Now Can Use P2P

Hangouts can now use P2P to improve quality of video/audio during a session.

Free Infosec Challenges

Some of the big brains from SANS are providing free “challenges” for students to use in learning Infosec skills.

Beware of Fake Flash Installer for OS X

If you have to use Flash, make sure to download it from Adobe, no where else!  A new malware is making the rounds as a flash update and it is signed by a valid cert which means GateKeeper will ignore it.

Error 53 and 3rd Party iPhone Repairs

You should think twice if you have your iPhone repaired by a 3rd party as the latest iOS could “brick it” if opened by a non Apple tech.

Apple Hires ThunderStrike 2 Author

The hacker that created a Mac firmware malware has been hired by Apple.

Google’s New Deceptive Site Warning

Google is now flashing red warning screens when you visit sites that have “fake” download buttons, those sites that have a big button that does not download the software you wanted, rather the button is an ad.

Run WordPress, Patch Now!

A new version (4.4.2) of WordPress has been released to combat hackers.  If your WordPress has been compromised, you’ll probably need to format as a new malware infects ALL js files.

Microsoft EMET 5.5

A new version of the Enhanced Mitigation Experience Toolkit (I love “Experience” in the name of a security product) has been released with improvements.  If you are a power Windows user, you should strongly consider installing this software.