Blog Archives

OS X saving “unsaved data” to iCloud, it is encrypted but they have the key

If you work with OS X and sensitive data, you might want to read this article.

Tor exit node adding malware

A Russian exit node was adding malware to http traffic.

Samsung KNOX stores PIN in cleartext?

“Specifically, a pin.xml file stored in the ContainerApp stored on the device during setup contains the unencrypted PIN number.”  

Require-Recipient-Valid-Since (RRVS) SMTP header

Yahoo and Facebook add to the SMTP header to help eliminate abandoned email spoofing.

Cryptowall surge

The ransomware has infected 800k+ PCs last month.

Apple posts info about iCloud security

After China was reportedly interfering, Apple wants you to be sure that you are connecting to the proper server.

Koler android ransomware

Demands money, can spread via SMS to evil link.  Make sure you only download Apps from Google/Amazon and only very popular ones with brand name appeal.

Google adds USB “key” to security lineup

Via a <$30 usb key that does crypto you can now log into your Google account more securely.

New Windows 0-Day delivered via Powerpoint

A new 0-day vulnerability has been found in Windows OLE (object linking and embedding) interpreter.  The attack is being delivered as an OLE object embedded in a PowerPoint file.

Apple releases Security Patch 2014-005

Fixes the POODLE flaw in SSL.