Information Security in Today's Digital Culture
Header

Logjam Vulnerability

May 21st, 2015 | Posted by Steven Anderson in Monitoring | Security | SIEM - (0 Comments)

The TLS protocol is the current standard for secure communication over the Internet and until now had been considered to be highly secure. A recent discovery of Logjam, a vulnerability that spawns results similar to that of FREAK (Factoring Attack on RSA-EXPORT Keys) affects 8.4% of the top one million web domains. Like FREAK, Logjam …
Read more

I recently read an article discussing how our home devices are now a more public target for attackers. All the smart devices in our home are “smart” because they are nothing more than small embedded devices that typically run some variant of Linux. Therefore, any attack against Linux means an attack against your toaster, home …
Read more

If you haven’t heard about it by now, let me clue you in: Java is a security nightmare. A few days ago, a zero-day exploit for Java 7 became widely-known. The exploit bypasses Java 7’s security sandbox and permits attackers to download and execute code without user interaction. The attack is already available in Metasploit …
Read more

I often get into debates on the use of encryption and it being the panacea of data protection. While encryption has proven itself a viable solution for many years, the problem is never in the algorithm, but rather in the management of the keys. In order for encryption to occur the system must have the …
Read more

Well, that didn’t take long. As of Thursday, an MS12-020 PoC (the Remote Desktop Protocol vulnerability) is in the wild. Looks like one of Microsoft’s MAPP partners leaked some test code. This PoC code only causes a Blue-Screen-of-Death, so the damage is limited to a denial-of-service. It won’t be long until the bad guys figure …
Read more