Blog Archives

Oracle Gives Heartbleed Update, Patches 14 Products

The purpose of this document is to list Oracle products that depend on OpenSSL and to document their current status with respect to the OpenSSL versions that were reported as vulnerable to the publicly disclosed ‘heartbleed’ vulnerability CVE-2014-0160.

Active malware campaign steals Apple passwords from jailbroken iPhones

Security researchers have uncovered an active malware campaign in the wild that steals the Apple ID credentials from jailbroken iPhones and iPads.

‘Heartbleed’ Exploit Forces Healthcare.gov to Reset User Passwords

However, we’re resetting current passwords out of an abundance of caution, to ensure the protection of your information

3 Million Cards Impacted in Michaels Breach

Michaels confirmed yesterday that most of its U.S. stores were compromised on and off for eight months and that payment card information of nearly three million of its customers may have been impacted

Nasty Heartbleed bug exposes OpenVPN private keys

Wednesday’s confirmation means any OpenVPN server—and likely servers using any other VPN application that may rely on OpenSSL—should follow the multistep path for recovering from Heartbleed

Heartbleed hacker arrested

A 19-year-old student has been arrested for allegedly exploiting the Heartbleed vulnerability to steal taxpayer data from as many as 900 Canadians, authorities said Wednesday.

Microsoft Security Essentials Update Makes Windows XP Unusable

There are plenty of users out there who are still running Windows XP, even though Microsoft no longer provides updates and security patches for this particular OS version, but many are running the freeware Security Essentials in an attempt to protect their data.

Critical Oracle Patches released

Oracle has released a swathe of security updates culminating in a massive 104 new security fixes for products including Java, Fusion Middleware, and MySQL.

HD Manufacturer LaCie Admits Yearlong Data Breach

The announcement warns that anyone who purchased an external hard drive or any form of LaCie hardware off of the company’s website during that time period may have had their data stolen.

Microsoft confirms it’s dropping Windows 8.1 support

Microsoft TechNet blog makes clear that Windows 8.1 will not be patched; users must get Windows 8.1 Update if they want security patches