October, 2014

article thumbnail

Poodle SSLv3 vulnerability: What it is, how to discover it, how to defend against it

NopSec

Google security researchers Bodo Moller, Thai Duong and Krzysztof Kotowicz recently uncovered a vulnerability in SSL 3.0 that could allow secure connections to be compromised by attackers. The researchers are calling the attack POODLE, or Padding Oracle On Downgraded Legacy Encryption. “SSL 3.0 is nearly 18 years old, but support for it remains widespread,” Moller wrote in a blog post describing the issue. “Most importantly, nearly all browsers support it and, in order to

article thumbnail

Kali & NetHunter Security Release Fixes

Kali Linux

Squash the Bugs with Kali 1.0.9a Over the past couple of weeks, we’ve seen a bunch of nasty bugs hit the scene, from shellshock to Debian apt vulnerabilities. As we prefer not to ship vulnerable ISOs, we’ve rolled up new images for our Kali Linux and NetHunter releases as well our Amazon AWS images with the relevant security fixes in place.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Cloud Data Protection Investment for Spinbackup

Spinone

Spinbackup is a premier Cloud-to-Cloud Backup Cloud Cybersecurity solutions provider for G Suite and Office 365. The company is an authorized Google Partner featured on the G Suite Marketplace, and an Advanced Technology Partner of Amazon. Over 1,000 organizations with more than 150,000 G Suite users and 20,000 individual Google users currently rely on Spinbackup. […] The post Cloud Data Protection Investment for Spinbackup first appeared on SpinOne.

Backups 52
article thumbnail

Are the clouds in the sky rebooting?!

NopSec

If you are like us at NopSec one of the companies that operators on Amazon AWS cloud, this past couple of days resembled a lot more a perilous path. A series of reboot of the entire Amazon cloud forced us and most AWS-based cloud providers to spend long hours in the office or remotely to make sure things were in order after the reboot. “These updates must be completed by Oct. 1 before the issue is made public as part of an upcoming Xen Security Announcement (XSA),” according to the A

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

The First Steps After an Attack

NopSec

The term “security breach,” and other similar phrases, have become commonplace. This year alone we have seen the data of millions of people illicitly accessed and stolen from the networks of giants like Target, eBay, and JPMorgan Chase. Each week there seems to be a new report on some company falling prey to ever-ready attackers. In order to continue successful business operations, maintain customer trust, and build a strong brand reputation, everyone from the CEO to the network analyst needs to

article thumbnail

Xen and the Art of Vulnerability Maintenance

NopSec

It is no secret that hackers have been making the rounds, targeting organizations of all sizes, from national retailers to local financial institutions, using familiar exploits like Heartbleed and Shellshock to execute their hits. This recent spate of malicious attacks has shown just how vulnerable our Internet-based world is. In the era of ‘Internet of Things’, minor flaws can have catastrophic consequences if vulnerabilities are not fixed in time.