Blog Archives

Nasty Heartbleed bug exposes OpenVPN private keys

Wednesday’s confirmation means any OpenVPN server—and likely servers using any other VPN application that may rely on OpenSSL—should follow the multistep path for recovering from Heartbleed

Heartbleed hacker arrested

A 19-year-old student has been arrested for allegedly exploiting the Heartbleed vulnerability to steal taxpayer data from as many as 900 Canadians, authorities said Wednesday.

Microsoft Security Essentials Update Makes Windows XP Unusable

There are plenty of users out there who are still running Windows XP, even though Microsoft no longer provides updates and security patches for this particular OS version, but many are running the freeware Security Essentials in an attempt to protect their data.

Critical Oracle Patches released

Oracle has released a swathe of security updates culminating in a massive 104 new security fixes for products including Java, Fusion Middleware, and MySQL.

HD Manufacturer LaCie Admits Yearlong Data Breach

The announcement warns that anyone who purchased an external hard drive or any form of LaCie hardware off of the company’s website during that time period may have had their data stolen.

Microsoft confirms it’s dropping Windows 8.1 support

Microsoft TechNet blog makes clear that Windows 8.1 will not be patched; users must get Windows 8.1 Update if they want security patches

First sites admit data loss through Heartbleed attacks

Canada’s tax authority and a popular British parenting website both lost user data after attackers exploited the Heartbleed SSL vulnerability, they said Monday.

Reverse Heartbleed Testing

Client using the vulnerable version of OpenSSL are subject to information leakage.  Most browsers are unaffected.

Adobe Patches Flash Player

All users should upgrade, details at Adobe.

April 2014 Patch Tuesday

Microsoft has released a smaller amount of patches this month, two of them critical (office/IE).