This has been moved to a standalone page. The content can be found here: https://www.jaredsec.com/life-outside-the-firewall-protection/
Internet Security
Vulnerabilities with Movie Subtitles
Check Point Software Technologies has uncovered vulnerabilities in the processing of Subtitles with the four most popular movie players for Windows and Linux systems: VLC Kodi Popcorn-Time Stream.io Hackers can exploit Subtitle ranking algorithms and allow exploited subtitles to be delivered first. The instant the subtitle is loaded, the hacker is able to perform Remote […]
BOLO: Chrome Spreads Your Creds!
There is a vulnerability that exists in the current version of Google’s Chrome browser that can allow your Windows Login, or Network Login, credentials to be pilfered by a remote hacker. The problem occurs by having Chrome download a harmless .SCF file. These files are very much like the .LNK files of old. SCF stands […]
The Cybersecurity Framework
Introduction In 2014, in response to an Executive Order from President Obama, the National Institute of Standards completed “Framework for Improving Critical Infrastructure Cybersecurity“, also known as “The Cybersecurity Framework“. The framework looks like a “Bow Tie”, from NISTIR 8170: The Framework’s five functional components are: ID: Identify PR: Protect DE: Detect RS: Respond RC: Recover […]
Demystifying President Trump’s CyberSecurity Executive Order
It didn’t take President Trump long to weigh-in on Federal Government CyberSecurity. And it took even less time for all kinds of company “Talking Heads” to issue their own self-serving versions of the Executive Order. There isn’t much there. No move to the “cloud”. No massive consolidation of resources into a massive Government data silo. No […]
Help for MalWare & RansomWare?
The best way to stay safe in today’s world is to know the equipment that your using. Mostly, good common sense is all that is needed. But if you’ve been infected with RansomWare, you’re probably doomed and need to restore from backup. The keyword here is “probably“. In cases where a cryptographic hashing function has […]
BOLO: WannaCry(pt) RansomWare
First observed in February the WannaCry, or WannaCrypt, virus is wreaking havoc in European networks. Major outbreaks of a new variant were first detected Friday, 5/12/2017 in Spain but it has now traveled to over 99 countries. It also took out England’s National Health Service (NHS). The virus is web-based and spreads from users clicking […]
BOLO: Netrepser Espionage Trojan
Netrepser is a JavaScript (JavaScript ≠ Java) Trojan designed for espionage purposes. This was detected and reported by Bitdefender on May 5, 2017. Believed to be of Russian origin, the common distribution of this Trojan is by Email. However, its JavaScript nature suggests that this may be able to cause infections in web-based “Drive-By Download” […]
BOLO: New “Jaff” RansomWare
Yesterday, May 11, 2017 a new type of ransomware was released called “Jaff”. This is spread via the Necurs Botnet using Email as the transmission media. Considering last weeks exploits of Google Gmail accounts, I suspect this will eventually migrate to appear as Emails from legitimate friends. Beware of any emails with the subject lines […]
Top Attacking Countries: April 2017
From WordFence’s monthly summaries: