Profile cover photo
Profile photo
Bob Hodges
44 followers
44 followers
About
Communities and Collections
Posts

Post has attachment
Last week a serious security vulnerability (CVE-2015-7547) was found in the GNU C Library (glibc) which is used in most linux distributions. A maliciously crafted DNS response to a vulnerable system could cause it to crash, or in the worst case scenario, remote code execution. Patches are available for all major distros. 
Google Dev Blog: https://goo.gl/A0Fupa

Affected Distributions:
Red Hat Enterprise Linux Server 7
Red Hat Enterprise Linux Server 6
CentOS Linux 7
CentOS Linux 6
Debian Linux 6 squeeze
Debian Linux 7 wheezy
Debian Linux 8 jessie
Ubuntu Linux 15.10
Ubuntu Linux 14.04 LTS
Ubuntu Linux 12.04 LTS
SUSE Linux Enterprise Linux 11
SUSE Linux Enterprise Linux 12
openSUSE Leap 42.1

Post has attachment
Google released an anti-phishing Google Chrome extension. The extension warns users when they enter their Google password into a non-Google website. It does this by comparing user submitted form data with a one-way hash generated by the Google account password, and if a match is found Google produces a warning page notifying the user that their password was "exposed" and that they should reset it. 

Security researches have been able to bypass Google's extension using various techniques, but Google seems to be actively patching the extension. Article: http://goo.gl/Y6wgFw

Realistically, our K12 staff and students likely reuse the same password for many websites. Knowing this, I assume that the deployment of this extension would cause some confusion and an increase in tech support requests. Do we sacrifice security for user convenience? Personally, I beleive training our users to use strong, unique passwords and to be aware of social engineering attacks will prove to be the most effective defense.

Post has attachment
Looking for a script to increase volume for m-step? Well, you're in luck.

http://pastebin.com/3WZnYd6F#

Post has attachment
For those of you who host WordPress servers, make sure to install the 4.2.1 patch asap. 

https://threatpost.com/details-on-wordpress-zero-day-disclosed/112435

Post has attachment
Wait while more posts are being loaded