Blogs

Ransomware 2013, holding your data hostage

Cryptolocker is a new piece of malicious software that has started circling the globe in the last half of 2013.  Deemed "rasomware" by security professionals, Cryptolocker encrypts your files and demands payment to receive the key to decrypt them.  The United States Computer Emergency Readiness Team (US-CERT) drafted a briefing about this software, how to protect yourself, and what to do if you are infected.

https://www.us-cert.gov/ncas/alerts/TA13-309A

Adobe login credential theft

At the beginning of October, Adobe notified its customers of the theft of about 2.9 million account credentials.

http://blogs.adobe.com/conversations/2013/10/important-customer-security...

To reset your Adobe password, you can visit the following site.

https://www.adobe.com/account/sign-in.adobedotcom.html?passwordReset=true

Security Awareness on Social Media

http://www.educause.edu/blogs/lspitzner/security-awareness-social-media

Lance Spitzner from SANS is writing about Security Awareness on Social Media this month.  This blog entry specifically reviews privacy and social media, two polar opposites in today's world of online media.  It also reviews how to spot potential scams and finally, why to keep work and your personal life separate when posting online.

This is a great read to start off CyberSecurity Awareness Month.

FreeRadius Overflow in EAP-TLS for 2.1.10, 2.1.11 and 2.1.12.

http://freeradius.org/security.html

" The CVE notification is CVE-2012-3547. The issue was found by Timo Warns, and communicated to security@freeradius.org. A sample exploit for the issue was included in the notification.

We recommend all administrators using EAP and 2.1.11, 2.1.12, or the git "master' branch upgrade immediately.

Pages