Nov - 06 2014

​Chrome, Firefox and Internet Explorer are making the move to discourage the use of SHA1.  Microsoft started the push for changing from SHA1 to SHA2 about 1 year ago, Google is choosing to be aggressive in what it shows to users of Chrome browser which is due around November 20 something. With Chrome Chrome will […]

Oct - 15 2014

Another SSL Vulnerability has been found in SSL v3.0.  You should consider changing to use TLS 1.0, 1.1 or 1.2. It is recommended to disable SSL v 3.0 on your secure websites. I recommend disabling at least PCT 1.0, SSL 2.0, SSL 3.0 on your IIS Servers. IIS 3.0-6.0 IIS 7.0+ RedHat Linux products […]

Sep - 26 2014

Red Hat found another flaw in BASH that has been assigned CVE-2014-7169.  This is in addition to CVE-2014-6271 in the previous Blog entry.  CVE-2014-7169 affects Red Hat 4, 5, 6, and 7.  Red Hat released the update today 9/26/2014​ NIST Debian Ubuntu Oracle Linux Cygwin for Windows – update released […]

Sep - 24 2014

A major flaw has been found in the BASH Shell for Linux,  CVE-2014-6271.  While in many cases this would require direct access to the system to take advantage of this flaw, if you have any CGI scripts on a website that are coded in BASH – your website may be in jeopardy. All BASH versions […]

Aug - 13 2014

Symantec recently published a Security Response document – Threats to virtual environments published 8/12/2014. This whitepaper provides a good outline that virtual servers are equally vulnerable to attack from Viruses and Malware as a physical server would be.  In fact they are even more vulnerable if the computer that is running a management console can […]

1 4 5 6