Profile cover photo
Profile photo
PEG Micro Informatique
5 followers
5 followers
About
Posts

Post has attachment
If you have an Apple product with airdrop capabilities it's probably time to set the Airdrop settings to 'Contacts Only'.

Post has attachment
Cisco IP PhoneVulnerabillity
31 Mar 2015

Cisco IP Phone Vulnerability Allows Audio Eavesdropping

Cisco's small business SPA300 and SPA500 internet protocol (IP) phones can be used to eavesdrop on private conversations, Cisco reported.
Three vulnerabilities named CVE-2015-0670, CVE-2014-3313 and CVE-2014-3312 were found after a security audit. The CVE-2014-3313 vulnerability allows users to elevate privileges through cross-site scripting and change the admin password on the device.
The vulnerabilities stem from improper authentication settings in the default configuration of firmware version 7.5.5.
An attacker could exploit this vulnerability by sending a crafted XML request to the targeted device. If exploited, the attacker could listen to a remote audio stream or make phone calls remotely.
However, to exploit this vulnerability, an attacker would need access to internal networks, which are often secured by a firewall. This may reduce the likelihood of a successful exploit.
Despite the vulnerability confirmation, Cisco first said the flaw was unlikely to be used and gave it a low "harassment" severity rating. The company later said it intends to patch the security flaw.
"I can confirm that Cisco is working on a patch and will provide it for our customers," Cisco senior manager for business critical communications Nigel Glennie told iTnews.

Post has attachment
Looks like the era of easy, secure home routers is over. There is another nasty vulnerability called "filet-o-firewall' that will easily expose your secure devices on your LAN.
Check out this link for details: https://threatpost.com/upnp-trouble-puts-devices-behind-…/…/
Check here to see if your router is affected: http://www.filet-o-firewall.com/p/vulnerable-routers.html

Post has attachment
Here's a little movie of the virus in action from the folks at the cisco blog. http://blogs.cisco.com/security/talos/ctb-locker-win10

Post has attachment
Windows 10 update scam: Here we go again. Please take care not to be tricked by a new scam. It' a pop-up window that promises to update you to Windows 10. "Great!", you say especially since you aren't eligible. The scam installs a virus payload into your computer that encrypts all your files and doesn't give them back until you pay a ransom.

https://threatpost.com/windows-10-upgrade-spam-carries-ctb-locker-ransomware/114114

Post has attachment
Beware of DropBox phishing scams. This email I got purported to be from a DropBox user sharing a file with me. Had I known the person I might have opened it. When I looked at the underlying source of the message the link wasn't pointing to DropBox at all. Possible Cryptovirus.
Photo

Post has attachment
Are you looking forward to using Windows 10?
-
votes visible to Public
0%
Yes
100%
No
0%
I don't use Windows

Post has attachment
I had an image of the RouterOS chains flowchart in a book, but I wanted a vector based one that I could scale so I made it over at Draw.io.
Photo

Use RouterOS Netwatch tool to act on outages. A little while ago a friend told me that he was having outages on his WAN interface connected to his ISP. He's using a Mikrotik RouterOS router. There's a hand little took in the Tools menu of the router called, Netwatch.
You create a new netwatch instance. In the “host” tab you enter a host to ping, an interval and a timeout. I used Google's DNS as the the host.
In the action tab. Under the tab called "Down" you need to enter an action. This can be anything you enter in the command line. For him I suggested, "/ip dhcp-client renew wan" . In this case whenever his WAN link goes down the DHCP client tries to bring the connection up again by renewing the address. You can do many things here. You can use it to fail over to another internet connection.

Post has attachment
Use TNEF's Enough for those pesky MIME attachments. If you're a Mac user from time to time you will receive an email from a Windows user that has an attachment called Winmail.dat and no other discernible content. The reasons for that are varied and have to do with way outlook and exchange handle email outgoing email. The fix, however, is easy. Go to the link below and download TNEF's Enough. It will be able to decode the attachment into readable text. It will also permit you to open any possible attachments that the message had.
Wait while more posts are being loaded