University of Southern California

← Older posts

Heartbleed – vendor updates 2014-04-13 20:00

Posted on by Robert

Below is a partial list of vendors that have released updates to address the Heartbleed vulnerability.
This list will be updated as more information becomes available. Continue reading

Posted in Security Updates | Tagged

Server certificates and Heartbleed

Posted on by Robert

Cloudflare, a large web-hosting company, has a very detailed article on how server certificates are not (in the real world) extractable using the Heartbleed bug: http://blog.cloudflare.com/answering-the-critical-question-can-you-get-private-ssl-keys-using-heartbleed They set up a test server and challenged anybody to obtain the private key. … Continue reading

Posted in Password Security, Recommended Reading, Security Updates | Tagged

Passwords You Need to Change due to the Heartbleed Bug

Posted on by mbordas

Many websites and online services, including Facebook, Instagram, Google, and Yahoo, were affected by the recently announced Heartbleed vulnerability. The site linked below has collected responses from social media, email, financial, and other companies regarding steps they have taken to … Continue reading

Posted in Facebook, Password Security, Security Updates, Social Networking | Tagged

OpenSSL Vulnerability (Heartbleed Bug)

Posted on by mbordas

Security researchers have discovered a vulnerability, named the Heartbleed bug, in the OpenSSL encryption library that could allow attackers to access secure information stored in a server’s system memory, including usernames, passwords, and private encryption keys. OpenSSL is used by … Continue reading

Posted in Password Security, Phishing, Security Breach | Tagged

Patch Tuesday Roundup for April 2014

Posted on by mbordas

Microsoft’s support for the Windows XP operating system, Office 2003, and Exchange 2003 ends today, April 8, 2014. Microsoft will no longer provide security updates or other bug fixes for Windows XP, Office 2003, or Exchange 2003, leaving users of … Continue reading

Posted in Patch Tuesday, Security Updates |

Zero-Day Vulnerability in Microsoft Word

Posted on by mbordas

Microsoft recently published a security advisory about a zero-day vulnerability affecting Microsoft Word. (A zero-day vulnerability is one that exploits a previously unknown vulnerability and for which a patch has not yet been released.) The vulnerability can allow an attacker … Continue reading

Posted in Security Updates | Tagged , ,

Phishing Warning 2014-03-25

Posted on by mbordas

Many users have reported receiving the following phish. If you have received the phish, do not click the link or reply to the message. If you have replied, followed the link, or supplied login information, change your USC password as … Continue reading

Posted in Phishing |

Patch Tuesday Roundup for March 2014

Posted on by mbordas

Today is Patch Tuesday for March 2014. Microsoft released five bulletins, two of which are considered critical. The critical updates include a cumulative security update for Internet Explorer, which addresses a zero-day exploit first announced on February 19, 2014. For … Continue reading

Posted in Patch Tuesday, Security Updates |

Security Fixes for Internet Explorer and Flash Player

Posted on by mbordas

This week, Microsoft and Adobe released emergency security fixes to address zero-day vulnerabilities, or those which exploit previously unknown vulnerabilities and for which no patch has been released. Microsoft issued a security advisory about a vulnerability affecting Internet Explorer 9 and … Continue reading

Posted in Security Updates |

Patch Tuesday Roundup for February 2014

Posted on by mbordas

During this month’s Patch Tuesday, Microsoft released seven security bulletins, four of which are considered critical. The bulletins address vulnerabilities in Windows, Internet Explorer, Security Software, and the .NET Framework. For more information about this month’s updates, visit the Microsoft … Continue reading

Posted in Patch Tuesday, Security Updates |

← Older posts