Tag Archives: Update

July Android Security Update – Daily Security Byte EP. 285

If you use Android devices, it’s time to update. Google released an Android update that fixes hundreds of vulnerabilities, including the Qualcomm chipset flaw that has been in the news lately. Watch today’s video to learn more, and update your Android device when you can. Also, check out Marc Laliberte’s post to learn about HummingBad, a prolific malware variant that’s affecting Android users.

(Episode Runtime: 1:55

Direct YouTube Link: https://www.youtube.com/watch?v=z4B7E8qfbFM

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Critical Symantec AV Flaws – Daily Security Byte EP. 282

Tavis Ormanday, a well-known security engineer for Google, disclosed a number of critical vulnerabilities in some of Symantec’s endpoint security products. If you use Symantec or Norton’s antivirus (AV), watch the video below to learn how bad these flaws are, and where to find the updates. You can also stick around to hear what I think about vulnerabilities in security products in general. 

(Episode Runtime: 7:13

Direct YouTube Link: https://www.youtube.com/watch?v=gWr_U2iH7-E

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Massive Webmail Credential Leak? – Daily Security Byte EP. 257

According to reports, a Russian cyber criminal has leaked over 272 million credentials, including many from popular webmail services. However, so far none of the companies have validated that the leaked credentials work today. Watch my video below to learn what I think, and what you can do to protect yourself.

(Episode Runtime: 3:34)

Direct YouTube Link: https://www.youtube.com/watch?v=1Icgdapc2uw

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Important OpenSSL Updates – Daily Security Byte EP. 256

Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are two very important Internet protocols, as they help us encrypt Web traffic and much more. OpenSSL is a very popular Linux implementation of SSL/TLS, used in many products. If you use OpenSSL, watch the video to learn why you should update OpenSSL as soon as you can.

(Episode Runtime: 2:43)

Direct YouTube Link: https://www.youtube.com/watch?v=TE4pz9SD-mY

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Oracle and Cisco Patches – Daily Security Byte EP. 251

In today’s quick Security Byte video, I cover the Oracle and Cisco patches that have come out over the past few days. If you use products from either company, watch the video for highlights, and check the links below.

(Episode Runtime: 2:20)

Direct YouTube Link: https://www.youtube.com/watch?v=uIc7UrapLus

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Ransomware Exploits Flash 0day – Daily Security Byte EP. 244

Next week is Microsoft and Adobe’s Patch Day. However, on Thursday Adobe released an emergency security advisory to fix a zero day Flash vulnerability. Watch the episode below to learn why you should get this update to avoid drive-by download attacks pushing ransomware.

(Episode Runtime: 1:44)

Direct YouTube Link: https://www.youtube.com/watch?v=F2MKTU9ZIO4

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Glibc Helps Hackers Pop Linux – Daily Security Byte EP. 217

Glibc is the standard C library that ships with mosts version of Linux. It includes many functions that handle the common tasks programs might need, such as looking up IP addresses associated with domain names. This week, Google and Red Hat researchers disclosed a serious vulnerability in this common library, which could allow remote attackers to execute code on your Linux machines. Watch today’s Byte to learn more about this issue, and what computers or devices it might affect.

(Episode Runtime: 3:26)

Direct YouTube Link: https://www.youtube.com/watch?v=j72tvt2Pfjk

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

OpenSSL DSA Vulnerability – Daily Security Byte EP. 209

Last week, the OpenSSL team fixed a vulnerability that could allow attackers to get the key used to encrypt your HTTPS or SSL connections. Watch today’s video to learn a bit more about this vulnerability, the update, and how WatchGuard products are affected.

(Episode Runtime: 3:17)

Direct YouTube Link: https://www.youtube.com/watch?v=I8yBGcTGtqM

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

OpenSSH Client Flaws – Daily Security Byte EP. 203

Today, Qualys disclosed two new vulnerabilities in the popular secure shell application, OpenSSH. One of the flaws is pretty serious, but only affects the OpenSSH client. Watch today’s episode to learn more about these issues, and learn what other products might be affected.

(Episode Runtime: 2:31)

Direct YouTube Link: https://www.youtube.com/watch?v=EQlJLOXCNZ4

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Joomla Attack in Wild – Daily Security Byte EP. 192

If you use Joomla to manage content on your website, you’re going to want to patch immediately. Today’s daily video covers a new zero day flaw in the open source content management system (CMS) that attackers are actively exploiting in the wild.

(Episode Runtime: 1:42)

Direct YouTube Link: https://www.youtube.com/watch?v=oLcHEBQb274

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

%d bloggers like this: