Massive Webmail Credential Leak? – Daily Security Byte EP. 257

According to reports, a Russian cyber criminal has leaked over 272 million credentials, including many from popular webmail services. However, so far none of the companies have validated that the leaked credentials work today. Watch my video below to learn what I think, and what you can do to protect yourself.

(Episode Runtime: 3:34)

Direct YouTube Link: https://www.youtube.com/watch?v=1Icgdapc2uw

EPISODE REFERENCES:

• Article on massive webmail credential leak – Reuters
• Researchers’ blog post on the massive webmail credential leak – Hold Security
• My old blog post on Hold Security’s 1B leaked record claim – WatchGuard Blog
• May 5th is World Password Day – PasswordDay.org

— Corey Nachreiner, CISSP (@SecAdept)

Important OpenSSL Updates – Daily Security Byte EP. 256

Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are two very important Internet protocols, as they help us encrypt Web traffic and much more. OpenSSL is a very popular Linux implementation of SSL/TLS, used in many products. If you use OpenSSL, watch the video to learn why you should update OpenSSL as soon as you can.

(Episode Runtime: 2:43)

Direct YouTube Link: https://www.youtube.com/watch?v=TE4pz9SD-mY

EPISODE REFERENCES:

• OpenSSL’s vulnerability page – OpenSSL
• Article on the latest OpenSSL security flaws – Ars Technica

— Corey Nachreiner, CISSP (@SecAdept)

Ransomware Exploits Flash 0day – Daily Security Byte EP. 244

Next week is Microsoft and Adobe’s Patch Day. However, on Thursday Adobe released an emergency security advisory to fix a zero day Flash vulnerability. Watch the episode below to learn why you should get this update to avoid drive-by download attacks pushing ransomware.

(Episode Runtime: 1:44)

Direct YouTube Link: https://www.youtube.com/watch?v=F2MKTU9ZIO4

EPISODE REFERENCES:

• Emergency Adobe Flash Security Advisory and update – Abode
• Ransomware using Flash 0day in drive-by download – Reuters

— Corey Nachreiner, CISSP (@SecAdept)

Glibc Helps Hackers Pop Linux – Daily Security Byte EP. 217

Glibc is the standard C library that ships with mosts version of Linux. It includes many functions that handle the common tasks programs might need, such as looking up IP addresses associated with domain names. This week, Google and Red Hat researchers disclosed a serious vulnerability in this common library, which could allow remote attackers to execute code on your Linux machines. Watch today’s Byte to learn more about this issue, and what computers or devices it might affect.

(Episode Runtime: 3:26)

Direct YouTube Link: https://www.youtube.com/watch?v=j72tvt2Pfjk

EPISODE REFERENCES:

• UPDATE: Knowledge Base article describing how WatchGuard products are affected – WatchGuard
• Glibc buffer overflow vulnerability allows code execution  – Google Blogspot
• Red Hat patch advisory for glibc vulnerability – Sourceware.org
• Proof of Concept exploit for the glibc bug – Github
• Article covering the Linux glibc issue – The Register

— Corey Nachreiner, CISSP (@SecAdept)

OpenSSL DSA Vulnerability – Daily Security Byte EP. 209

Last week, the OpenSSL team fixed a vulnerability that could allow attackers to get the key used to encrypt your HTTPS or SSL connections. Watch today’s video to learn a bit more about this vulnerability, the update, and how WatchGuard products are affected.

(Episode Runtime: 3:17)

Direct YouTube Link: https://www.youtube.com/watch?v=I8yBGcTGtqM

EPISODE REFERENCES:

• OpenSSL fixes a serious vulnerability related to DSA – Ars Technica
• Details on OpenSSL key recovery attack – Blogspot
• OpenSSL security advisory for update – OpenSSL
• WatchGuard’s knowledge base article on our exposure [Requires login] – WatchGuard

— Corey Nachreiner, CISSP (@SecAdept)

OpenSSH Client Flaws – Daily Security Byte EP. 203

Today, Qualys disclosed two new vulnerabilities in the popular secure shell application, OpenSSH. One of the flaws is pretty serious, but only affects the OpenSSH client. Watch today’s episode to learn more about these issues, and learn what other products might be affected.

(Episode Runtime: 2:31)

Direct YouTube Link: https://www.youtube.com/watch?v=EQlJLOXCNZ4

EPISODE REFERENCES:

• Qualys’ detailed post on two OpenSSH vulnerabilities – Qualys
• OpenBSD’s journal on OpenSSH flaws and update – Undeadly.org
• Good article summarizing the OpenSSH vulnerabilities – ZDNet

— Corey Nachreiner, CISSP (@SecAdept)

Joomla Attack in Wild – Daily Security Byte EP. 192

If you use Joomla to manage content on your website, you’re going to want to patch immediately. Today’s daily video covers a new zero day flaw in the open source content management system (CMS) that attackers are actively exploiting in the wild.

(Episode Runtime: 1:42)

Direct YouTube Link: https://www.youtube.com/watch?v=oLcHEBQb274

EPISODE REFERENCES:

• Article on Joomla new vulnerability – Ars Technica
• Blog post about Joomla zero day exploit in the wild – Securi
• Joomla’s advisory about the 0day flaw – Joomla
• Joomla’s software update – Joomla

— Corey Nachreiner, CISSP (@SecAdept)

IT Pros Get Patches for Xmas? – Daily Security Byte EP. 188

It’s hard to call today, “Microsoft Patch Day,” when both Adobe and Apple piled on with tons of security fixes of their own. Microsoft released a dozen security bulletins today, eight rated Critical; Adobe released a Flash update fixing 78 vulnerabilities; and Apple released fixes for all their OSes and a few other products. If you use software from any of those three vendors, watch today’s episode to learn what to do, and check out the references below for more details on the updates.

(Episode Runtime: 2:54)

Direct YouTube Link: https://www.youtube.com/watch?v=6Of-SSZ7gtc

EPISODE REFERENCES:

• Microsoft’s security bulletin summary for  December 2015 – Microsoft
• Microsoft added three new security advisories this month – Microsoft
• Great blog post summarizing Microsoft Patch Day – gHacks.net
• Adobe Flash security bulletin for December 2015 – Adobe
• Apple’s security summary page with links to alerts – Apple

— Corey Nachreiner, CISSP (@SecAdept)

No Security for Old IE – Daily Security Byte EP. 187

Internet Explorer (IE) has been around for ages, but Microsoft is ending support for older version of the popular browser on January 12, 2016, likely to focus on their new Edge browser. They’ll only support the latest version of IE in each of their supported operating systems, which basically means most people will have to use IE 11 or Edge. Watch today’s video to learn about the security implications of this change.

(Episode Runtime: 2:14)

Direct YouTube Link: https://www.youtube.com/watch?v=aZpbpgAKbTA

EPISODE REFERENCES:

• Article about Internet Explorer end of support – Express.co.uk
• Microsoft IE End-of-Support page – Microsoft
• Microsoft’s FAQ on IE End-of-Support –Microsoft

— Corey Nachreiner, CISSP (@SecAdept)

UPnP Flaw Helps Pop IoT – Daily Security Byte EP. 186

One of WatchGuard’s partners, Trend Micro, found that many devices are still using an older version of a common Universal Plug-n-Play (UPnP) library that suffers from a very serious vulnerability. This new research is very similar HD Moore’s UPnP disclosures a few years ago; the difference being Trend Micro specifically found the issue affecting many Internet of Things (IoT) devices and mobile apps. Watch my vlog below to learn more about it.

(Episode Runtime: 3:32)

Direct YouTube Link: https://www.youtube.com/watch?v=gjmTGyiyBS0

EPISODE REFERENCES:

• Trend Micro’s blog post on the UPnP vulnerability threatening many IoT devices – Trend Micro
• An article covering this new Iot/UPnP threat – ZDNet
• My old blog post on similar research from HD Moore – WatchGuard Blog
• Rapid 7’s research paper on HD Moore’s UPnP discoveries [PDF] – Rapid 7

— Corey Nachreiner, CISSP (@SecAdept)