Monthly Archives: October 2014

CRYPTOWALL ALERT

Reprinted from PC World The cybercriminals behind the CryptoWall ransomware threat have stepped up their game and are digitally signing new samples before using them in attacks in an attempt to bypass antivirus detection. Researchers from network security firm Barracuda Networks found new CryptoWall samples that were digitally signed with a legitimate certificate. The samples were distributed through drive-by download attacks launched from popular websites via malicious advertisements. Several websites in the Alexa top 15,000 list were affected by this latest malvertising—malicious advertising—campaign including hindustantimes.com, the site of Indian daily newspaper Hindustan Times; Israeli sports news site one.co.il; and Web development community codingforums.com. “In every case, malicious content arrived via the site’s use of the Zedo ad network,” the Barracuda researchers said in a

Patch Tuesday October 14, 2014

Today Microsoft released 24 updates for Windows users. Three were listed as CRITICAL. Below you will see that the people at Microsoft have been diligently working to keep Windows Vista, Windows 7, and Windows 8 users safe. Please review your Windows Updates and install all of the patches. Microsoft has released eight security bulletins and updates to address them. A total of 24 vulnerabilities are addressed in these updates, three of which are rated Critical. MS14-056MS14-058 and MS14-060 all fix vulnerabilities which have been exploited in the wild for some time. MS14-056 and MS14-058 are rated Critical by Microsoft and MS14-060 gets a lesser Important rating. See Multiple active zero-day vulnerabilities patched today for more details on some of these attacks.
  • MS14-056: Cumulative Security Update for Internet Explorer (2987107)  — 14 of the 24 vulnerabilities fixed today are in this update. One of...

The good news: Windows systems are not affected by this bug but Apples are.

Shellshock Bug: What You Need to Know

Shellshock bug You may have heard about the Shellshock bug, the latest Internet security issue to make waves on news and tech sites throughout the web. Security experts are saying it has the potential to be bigger than the Heartbleed security flaw. What you might not understand is what the bug is and what its discovery means for you. Fortunately, we have laid out the details to help you be more informed about this issue.

What is the Shellshock bug?

A bug is the term used for an error in the code of software. This particular bug is a vulnerability that was discovered in the...