Questionable Software - Perion
One of our systems had recently come across some software, a PUP, "potentially unwanted program", that seems to have roots from Perion Ltd, which is based in Israel and also partnered with Conduit. If...
View ArticleReverse Proxy - What SSL ciphers to support?
I'm experimenting with an open source reverse proxy to help out to:restrict access based on specific host headersrestrict access based on specific URLssanitise requests coming in to ensure they're...
View ArticleEverything You Need To Tell Management About Having a Penetration Test
John Strand (Blackhills Information security) and Paul Asadoorian (Paul's Security Weekly Podcast) are hosting a webcast about this.If you are unaware of these two, I would suggest you just Google or...
View ArticleNIST's Guide to Application Whitelisting
NIST have some great guides available (http://nist.gov), they have just published one on White listing, a very sensible security measure, worth a read, remember it's only a guide not hte bible so...
View ArticleClik here to view.
How to Draft Your Cybersecurity Battle Plan
The best defense is a good offense.Reactively fending off attacks is only part of the fight.Detection and prevention of attacks before they become a problem is just as (if not more so) important and...
View ArticleComcast resets nearly 200,000 passwords after customer list goes on sale
http://www.csoonline.com/article/3002604/cyber-attacks-espionage/comcast-resets-nearly-200000-passwo...
View ArticleClik here to view.
New encryption ransomware targets Linux systems
viaArs TechnicaThe antivirus software company Doctor Web hasissued an alertabout a new form of crypto-ransomware that targets users of Linux-based operating systems. Designated as "Linux.Encoder.1" by...
View ArticleVendors call asking for "your time to answer a few questions", do you answer?
So the past couple of weeks I received the typical vendor call where they ask if you're the person responsible for xyz and if you can answer some questions. You know how they put you down on a list to...
View ArticleEncrypting a laptop
Hi Everyone, We have around 7-10 company laptops and we need to be able to encrypt/ password protect. So if the laptop ever gets stolen the person cant use it. What would you reccomend me using?
View Article"A certificates chaine processed, but terminated in a root certificates"
Getting "A certificates chain processed, but terminated in a root certificates which is not trusted by the trust provider" while connecting to VPN using Radius server. I have added the ca certificate...
View ArticleWhat the Investigatory Powers Bill will mean for your internet use
Nice article, you may want to make your own version and distribute to your users for educational...
View ArticleQuestion about Mimecast
Has anybody had problems with their Mimecast recently putting legit emails in quarentine. Even things previously on the permit list ? We have had an outbreak of this and no amount of time spent on...
View ArticleEndpoint protection with Sandboxing
Does anyone have an opinion on the usefulness of sandboxing in endpoint protection software such as Comodo? The one boast I believe it has going for it is protection against ransomware, a boast I...
View ArticleClik here to view.
Signed Certificate shows as valid cert, but only for FQDN. Aliases don't work FF
This only affects Firefox.I created a CSR for a IIS server using the digicert certificate utility for Windows on to the server I will be importing the certificate. I made sure to include server aliases...
View ArticleFix Weak SSL Ciphers on Exchange 2003. ssl1, 2, 3 & tsl1?
Yes, I know 2003...we're going to be migrating to 2010 in the near future.I installed alienvault OSSIM and deploid the hid on our email server, now the vulnerability report shows weak ciphers on the...
View ArticleCops gain access to phone location data in some States.
Not sure if this bothers me or not, not only do I not live in the states but surely this could also help clear someone if some other evidence could be...
View ArticleJPMorgan's 2014 Hack Tied to Largest Cyber Breach Ever
This sounds bad?http://www.bloomberg.com/news/articles/2015-11-10/hackers-accused-by-u-s-of-targeting-top-banks-mutu...
View ArticleWhat Does Apple’s Tim Cook Think of Your Encryption?
Tim Cook’s recent forceful defense of end-to-end encryption seems like it’s less about privacy concerns for citizens and more about safety concerns for users. Does your company use end-to-end...
View ArticleKB3097877 - Outlook Crashing
Just a heads up as there are lots of reports of this update causing Outlook to fall over in a big heap.KB3097877
View ArticleA 4-step DDoS attack protection plan: Lessons from the ProtonMail attack
A recent distributed denial of service (DDoS) attack on the encrypted email company ProtonMail holds at leastone lesson: Just because you agree to pay aransom to make a cyberattack stop, it doesn't...
View Article