Category: WatchGuard

Emergency Java Update – Daily Security Byte EP. 213 0

Emergency Java Update – Daily Security Byte EP. 213

Normally, Oracle only releases patches every three months. However, they broke that cycle to release an emergency Java update. Watch today’s video to learn what it fixes, (Episode Runtime: 1:58 ) Direct YouTube Link: https://www.youtube.com/watch?v=u3OjtxHzZFs EPISODE REFERENCES: Oracle’s out-of-cycle Java advisory  –  Oracle Story on Oracle’s emergency Java patch  –  V3.co.uk Old Java installer might install malware –  Digital Trends —  Corey Nachreiner, CISSP  ( @SecAdept )

Insider Spear Phishing – Daily Security Byte EP. 212 0

Insider Spear Phishing – Daily Security Byte EP. 212

Usually, we discuss spear phishing as an external attack. However, a recent Department of Justice case proves insiders leverage spear phishing too. Watch today’s video to learn how a former Nuclear Regulatory Committee employee tried to spear phish his ex-coworkers, and how you might avoid such attacks

TaoBao Account Hijack – Daily Security Byte EP. 211 0

TaoBao Account Hijack – Daily Security Byte EP. 211

TaoBao, China’s Ebay, suffered a major account hijack where attackers accessed over 20M user accounts. However, the attack wasn’t the fault of the e-commerce site itself. Watch today’s video to learn how this happened, why it should concern everyone in the world, and what you can do about it. (Episode Runtime: 2:47 ) Direct YouTube Link:  https://www.youtube.com/watch?v=DVFmSIz4ITQ EPISODE REFERENCES: Over 20M TaoBao accounts hijacked in China  –  The Stack —  Corey Nachreiner, CISSP  ( @SecAdept )

OpenSSL DSA Vulnerability – Daily Security Byte EP. 209 0

OpenSSL DSA Vulnerability – Daily Security Byte EP. 209

Last week, the OpenSSL team fixed a vulnerability that could allow attackers to get the key used to encrypt your HTTPS or SSL connections. Watch today’s video to learn a bit more about this vulnerability, the update, and how WatchGuard products are affected. (Episode Runtime: 3:17 ) Direct YouTube Link:  https://www.youtube.com/watch?v=I8yBGcTGtqM EPISODE REFERENCES: OpenSSL fixes a serious vulnerability related to DSA  –  Ars Technica Details on OpenSSL key recovery attack  –  Blogspot OpenSSL security advisory for update  –  OpenSSL WatchGuard’s knowledge base article on our exposure [ Requires login ] –  WatchGuard —  Corey Nachreiner, CISSP  ( @SecAdept )

Two Phishing Breaches – Daily Security Byte EP. 208 0

Two Phishing Breaches – Daily Security Byte EP. 208

This week, two different organization’s in two different industry verticals suffered security incidents that either lost them tons of money, or tons of time. What do they both have in common, and what can we learn from them? Watch today’s video to find out! (Episode Runtime: 3:26 ) Direct YouTube Link:  https://www.youtube.com/watch?v=crBB4CU-cTs EPISODE REFERENCES: Ransomware infects Israel Energy Authority and disrupts network –  ComputerWorld Cyber criminals steal $55M from an aerospace manufacturer –  IBTimes A article on the changes in phishing emails –  IT Pro Portal —  Corey Nachreiner, CISSP  ( @SecAdept )