Glibc is the standard C library that ships with mosts version of Linux. It includes many functions that handle the common tasks programs might need, such as looking up IP addresses associated with domain names
TaoBao, China’s Ebay, suffered a major account hijack where attackers accessed over 20M user accounts. However, the attack wasn’t the fault of the e-commerce site itself. Watch today’s video to learn how this happened, why it should concern everyone in the world, and what you can do about it. (Episode Runtime: 2:47 ) Direct YouTube Link: https://www.youtube.com/watch?v=DVFmSIz4ITQ EPISODE REFERENCES: Over 20M TaoBao accounts hijacked in China – The Stack — Corey Nachreiner, CISSP ( @SecAdept )
Last week, the OpenSSL team fixed a vulnerability that could allow attackers to get the key used to encrypt your HTTPS or SSL connections. Watch today’s video to learn a bit more about this vulnerability, the update, and how WatchGuard products are affected. (Episode Runtime: 3:17 ) Direct YouTube Link: https://www.youtube.com/watch?v=I8yBGcTGtqM EPISODE REFERENCES: OpenSSL fixes a serious vulnerability related to DSA – Ars Technica Details on OpenSSL key recovery attack – Blogspot OpenSSL security advisory for update – OpenSSL WatchGuard’s knowledge base article on our exposure [ Requires login ] – WatchGuard — Corey Nachreiner, CISSP ( @SecAdept )
First the NSA, and now GCHQ.
Why not start your new year security plan right by staying current with patches? Tuesday was Microsoft and Adobe’s monthly patch day
Today, a few media outlets picked up on a new malicious spam campaign that masquerades as a missed WhatsApp message to deliver malware. However, this isn’t the first time cyber criminals have tried this trick.
Dell customers have been suffering from phone-based phishing scams, and some suggest the attackers are using stolen Dell information to support their social engineering. Whether or not that’s true, watch today’s video to learn a bit more about “vishing,” and how to identify and avoid it. (Episode Runtime: 3:30 ) Direct YouTube Link: https://www.youtube.com/watch?v=VouLQ4ki0ww EPISODE REFERENCES: Blog post suggesting Dell phone scammers using stolen data – 10zenmonkeys Was Dell hacked by vishers