Tech Chop Shop
3 views | +0 today
Follow
Your new post is loading...
Your new post is loading...
Scooped by PJ
Scoop.it!

InfoSec Handlers Diary Blog - Looking for malicious traffic in electrical SCADA networks - part 1

SANS Internet Storm Center - A global cooperative cyber threat / internet security monitor and alert system. Featuring daily handler diaries with summarizing and analyzing new threats to networks and internet security events.
more...
No comment yet.
Scooped by PJ
Scoop.it!

Financial cyber threats in 2013. Part 2: malware

Financial cyber threats in 2013. Part 2: malware | Tech Chop Shop | Scoop.it
Programs designed to steal e-money and financial data are among the most complicated types of malicious software out there today.
more...
No comment yet.
Scooped by PJ
Scoop.it!

Admins: why not review config standards as you fix Heartbleed? - F-Secure Weblog : News from the Lab

Admins: why not review config standards as you fix Heartbleed? - F-Secure Weblog : News from the Lab | Tech Chop Shop | Scoop.it
F-Secure Security Labs brings you the latest online security news from around the world. Ensure that you are up-to-date with the latest online threats to guarantee your online wellbeing.
more...
No comment yet.
Scooped by PJ
Scoop.it!

Adobe Releases Security Updates for Flash Player and AIR | US-CERT

Adobe has released security updates to address multiple vulnerabilities in Adobe Flash Player and AIR.
more...
No comment yet.
Scooped by PJ
Scoop.it!

Cisco Security Advisory: OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products

Multiple Cisco products incorporate a version of the OpenSSL package affected by a vulnerability that could allow an unauthenticated, remote attacker to retrieve memory in chunks of 64 kilobytes from a connected client or server.

The vulnerability is due to a missing bounds check in the handling of the Transport Layer Security (TLS) heartbeat extension. An attacker could exploit this vulnerability by implementing a malicious TLS or Datagram Transport Layer Security (DTLS) client, if trying to exploit the vulnerability on an affected server, or
a malicious TLS or DTLS server, if trying to exploit the vulnerability on an affected client. An exploit could send a specially crafted TLS or DTLS heartbeat packet to the connected client or server. An exploit could allow the attacker to disclose a limited portion of memory from a connected client or server for every heartbeat packet sent. The disclosed portions of memory could contain sensitive information that may include private keys and passwords.

This advisory will be updated as additional information becomes available. Cisco will release free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities may be available.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed
more...
No comment yet.
Scooped by PJ
Scoop.it!

The Dark Power of Windows PowerShell

The Dark Power of Windows PowerShell | Tech Chop Shop | Scoop.it
Windows PowerShell, the Microsoft scripting language, has made the headlines recently due to malware authors leveraging it for malicious purposes. Symantec has identified more PowerShell scripts being used for nefarious purposes in attacks.
more...
No comment yet.