Phishing Warning 2014-04-18
Many users have reported receiving the following phish. If you have received the phish, do not click the link or reply to the message. If you have replied, followed the link, or supplied login information, change your USC password as … Continue reading
Posted in Phishing | Tagged phishing, social engineering
Heartbleed – vendor updates 2014-04-17 10:56
Below is a partial list of vendors that have released updates to address the Heartbleed vulnerability.
This list will be updated as more information becomes available. Continue reading
Posted in Security Updates | Tagged Heartbleed
Server certificates and Heartbleed
Cloudflare, a large web-hosting company, has a very detailed article on how server certificates are not (in the real world) extractable using the Heartbleed bug: http://blog.cloudflare.com/answering-the-critical-question-can-you-get-private-ssl-keys-using-heartbleed They set up a test server and challenged anybody to obtain the private key. … Continue reading
Posted in Password Security, Recommended Reading, Security Updates | Tagged Heartbleed
Passwords You Need to Change due to the Heartbleed Bug
Many websites and online services, including Facebook, Instagram, Google, and Yahoo, were affected by the recently announced Heartbleed vulnerability. The site linked below has collected responses from social media, email, financial, and other companies regarding steps they have taken to … Continue reading
Posted in Facebook, Password Security, Security Updates, Social Networking | Tagged Heartbleed
OpenSSL Vulnerability (Heartbleed Bug)
Security researchers have discovered a vulnerability, named the Heartbleed bug, in the OpenSSL encryption library that could allow attackers to access secure information stored in a server’s system memory, including usernames, passwords, and private encryption keys. OpenSSL is used by … Continue reading
Posted in Password Security, Phishing, Security Breach | Tagged Heartbleed
Patch Tuesday Roundup for April 2014
Microsoft’s support for the Windows XP operating system, Office 2003, and Exchange 2003 ends today, April 8, 2014. Microsoft will no longer provide security updates or other bug fixes for Windows XP, Office 2003, or Exchange 2003, leaving users of … Continue reading
Posted in Patch Tuesday, Security Updates |
Zero-Day Vulnerability in Microsoft Word
Microsoft recently published a security advisory about a zero-day vulnerability affecting Microsoft Word. (A zero-day vulnerability is one that exploits a previously unknown vulnerability and for which a patch has not yet been released.) The vulnerability can allow an attacker … Continue reading
Posted in Security Updates | Tagged exploits, microsoft, zero-day vulnerability
Phishing Warning 2014-03-25
Many users have reported receiving the following phish. If you have received the phish, do not click the link or reply to the message. If you have replied, followed the link, or supplied login information, change your USC password as … Continue reading
Posted in Phishing |
Patch Tuesday Roundup for March 2014
Today is Patch Tuesday for March 2014. Microsoft released five bulletins, two of which are considered critical. The critical updates include a cumulative security update for Internet Explorer, which addresses a zero-day exploit first announced on February 19, 2014. For … Continue reading
Posted in Patch Tuesday, Security Updates |
Security Fixes for Internet Explorer and Flash Player
This week, Microsoft and Adobe released emergency security fixes to address zero-day vulnerabilities, or those which exploit previously unknown vulnerabilities and for which no patch has been released. Microsoft issued a security advisory about a vulnerability affecting Internet Explorer 9 and … Continue reading
Posted in Security Updates |