University of Southern California

Monthly Archives: April 2014

Zero-Day Vulnerability in Internet Explorer

Posted on by mbordas

Microsoft has issued a security advisory about a recently discovered zero-day vulnerability in Internet Explorer versions 6 – 11. The vulnerability could allow an attacker to install malware on a system without the user’s knowledge or consent if the user … Continue reading

Posted in Malware, Security Updates |

Phishing Warning 2014-04-18

Posted on by mbordas

Many users have reported receiving the following phish. If you have received the phish, do not click the link or reply to the message. If you have replied, followed the link, or supplied login information, change your USC password as … Continue reading

Posted in Phishing | Tagged ,

Heartbleed – vendor updates 2014-04-17 10:56

Posted on by Robert

Below is a partial list of vendors that have released updates to address the Heartbleed vulnerability.
This list will be updated as more information becomes available. Continue reading

Posted in Security Updates | Tagged

Server certificates and Heartbleed

Posted on by Robert

Cloudflare, a large web-hosting company, has a very detailed article on how server certificates are not (in the real world) extractable using the Heartbleed bug: They set up a test server and challenged anybody to obtain the private key. … Continue reading

Posted in Password Security, Recommended Reading, Security Updates | Tagged

Passwords You Need to Change due to the Heartbleed Bug

Posted on by mbordas

Many websites and online services, including Facebook, Instagram, Google, and Yahoo, were affected by the recently announced Heartbleed vulnerability. The site linked below has collected responses from social media, email, financial, and other companies regarding steps they have taken to … Continue reading

Posted in Facebook, Password Security, Security Updates, Social Networking | Tagged

OpenSSL Vulnerability (Heartbleed Bug)

Posted on by mbordas

Security researchers have discovered a vulnerability, named the Heartbleed bug, in the OpenSSL encryption library that could allow attackers to access secure information stored in a server’s system memory, including usernames, passwords, and private encryption keys. OpenSSL is used by … Continue reading

Posted in Password Security, Phishing, Security Breach | Tagged

Patch Tuesday Roundup for April 2014

Posted on by mbordas

Microsoft’s support for the Windows XP operating system, Office 2003, and Exchange 2003 ends today, April 8, 2014. Microsoft will no longer provide security updates or other bug fixes for Windows XP, Office 2003, or Exchange 2003, leaving users of … Continue reading

Posted in Patch Tuesday, Security Updates |