Welcome to Delicate template
Header
Just another WordPress site
Header

Logjam Vulnerability

May 21st, 2015 | Posted by Steven Anderson in Monitoring | Security | SIEM - (0 Comments)

The TLS protocol is the current standard for secure communication over the Internet and until now had been considered to be highly secure. A recent discovery of Logjam, a vulnerability that spawns results similar to that of FREAK (Factoring Attack on RSA-EXPORT Keys) affects 8.4% of the top one million web domains. Like FREAK, Logjam downgrades encrypted connections to a weak 512-bit encryption using the “export-grade” option. Once downgraded, the encryption key can be factored in less than twelve hours using Amazon EC2, and it will only cost the attacker about $100. This vulnerability impacts SMTP, StartTLS, secure POP3, IMAP, and of course SSL and TLS.
Read more

Steven Anderson

Steven Anderson

Steven Anderson is an Information Security Intern at True. He first became interested in computer science and information security while serving in the U.S. Marine Corps as a Computer Technician and later a Data Network Specialist. After earning an Associates in Science in Computer Science, Computer Engineering, and Physics from TCC, Steven is continuing his education at the University of Tulsa as a Computer Science undergraduate in his senior year, with goals to pursue a career as a Security Analyst.

More Posts

I recently read an article discussing how our home devices are now a more public target for attackers. All the smart devices in our home are “smart” because they are nothing more than small embedded devices that typically run some variant of Linux. Therefore, any attack against Linux means an attack against your toaster, home security system, HVAC controllers, and yes, your refrigerator and television.Read more

Jerald Dawkins

Jerald Dawkins

Dr. Jerald Dawkins is the CEO and Founder of TRUE and has extensive experience in regulatory compliance, technical risk assessments, penetration testing, web application vulnerability analysis and secure coding. Dr. Dawkins is the author of numerous publications and presents at national and international conferences. He holds the following certifications: CISSP, NSA IAM, and CNSS 4011-4015.

More Posts

If you haven’t heard about it by now, let me clue you in: Java is a security nightmare. A few days ago, a zero-day exploit for Java 7 became widely-known. The exploit bypasses Java 7’s security sandbox and permits attackers to download and execute code without user interaction. The attack is already available in Metasploit and in the Blackhole Exploit Kit (BEK). Since it’s in BEK, users are now susceptible to this attack via so-called “drive-by” web hacks. All a user has to do is get unlucky and visit a compromised site (and there are a TON of compromised WordPress sites out there) and their machine is compromised.Read more

Brett Edgar

Brett Edgar

Brett is a Founder and the former Director of Managed Security Services at TRUE. He has been working in the system and network forensics field since graduating from the University of Tulsa with a B.S. Computer Science in 2003. He speaks hexadecimal fluently and is TRUE's resident human Ethernet transceiver. He holds CISSP, CSSLP, and CNSS 4011-4015 certificates, loves MLB and NCAA Football, and when he gets tired of hexadecimal, he goes home to hang out with his wife and kid.

More Posts - Twitter

I often get into debates on the use of encryption and it being the panacea of data protection. While encryption has proven itself a viable solution for many years, the problem is never in the algorithm, but rather in the management of the keys. In order for encryption to occur the system must have the key to encrypt and decrypt the data. This means that the key resides somewhere on a computer system accessible by the application. How well is the organization protecting the key and ensuring that the application is handling the key appropriately is the most significant question.

Read more

Jerald Dawkins

Jerald Dawkins

Dr. Jerald Dawkins is the CEO and Founder of TRUE and has extensive experience in regulatory compliance, technical risk assessments, penetration testing, web application vulnerability analysis and secure coding. Dr. Dawkins is the author of numerous publications and presents at national and international conferences. He holds the following certifications: CISSP, NSA IAM, and CNSS 4011-4015.

More Posts

Well, that didn’t take long. As of Thursday, an MS12-020 PoC (the Remote Desktop Protocol vulnerability) is in the wild. Looks like one of Microsoft’s MAPP partners leaked some test code. This PoC code only causes a Blue-Screen-of-Death, so the damage is limited to a denial-of-service. It won’t be long until the bad guys figure out which values they need to modify to achieve remote code execution. When that happens and you still have RDP open to the Internet and unpatched, you lose. I suspect we’ll see a worm exploiting this within a week. This could end up being a SQL Slammer-type event…

Brett Edgar

Brett Edgar

Brett is a Founder and the former Director of Managed Security Services at TRUE. He has been working in the system and network forensics field since graduating from the University of Tulsa with a B.S. Computer Science in 2003. He speaks hexadecimal fluently and is TRUE's resident human Ethernet transceiver. He holds CISSP, CSSLP, and CNSS 4011-4015 certificates, loves MLB and NCAA Football, and when he gets tired of hexadecimal, he goes home to hang out with his wife and kid.

More Posts - Twitter