If you date online, especially at “adult” dating sites, you may want to reconsider how much data you share with these organizations. This week, a researcher found a stolen user data dump from a very popular adult dating site. Watch the video to learn the details, and find out how to learn whether or not you are affected by this and other breaches
This week, a group of university researchers disclosed a new vulnerability affecting the Diffie-Hellman key exchange. The Diffie-Hellman (DH) key exchange is a cryptographic method for two systems to establish a shared secret over a public communication channel, which they later use to encrypt their communications. Many encryption protocols, including HTTPS, SMTPS, IPSec VPN, SSH, and other TLS implementations, use it to set up shared secrets.
False Positive? settings-win.data.microsoft.com resolving to Microsoft Blackhole IP, (Tue, May 19th)
Thanks to Xavier for bringing this to our attention. It looks a couple of days ago, a legitimate Microsoft host name, settings-win.data.microsoft.com started to resolve to a Microsoft IP that is commonly used for blackholes that Microsoft operates: $ host settings-win.data.microsoft.comsettings-win.data.microsoft.com is an alias for settings.data.glbdns2.microsoft.com.settings.data.glbdns2.microsoft.com is an alias for blackhole6.glbdns2.microsoft.com.blackhole6.glbdns2.microsoft.com has address 126.96.36.199 Connecting to a blackhole IP like this is often an indicator of compromise, and many IDS”> [**] [1:2016101:2] ET TROJAN DNS Reply Sinkhole – Microsoft – 188.8.131.52/24 [**] [Classification: A Network Trojan was detected] [Priority: 1] … It is not yet clear what process causes the connect to this IP on port 443
Virtualization technology is great, but it does add new attack surface. CrowdStrike disclosed a new QEMU vulnerability that affects many popular virtualization platforms. In today’s video, I quickly summarize the issue, and share what you can do about it.
The Firebox M440 continues to rack up the accolades! Most recently, SC Magazine published the results of its Security Information and Event Management (SIEM) and Unified Threat Management (UTM) product group test. M440 not only received a 5-star rating, but also their coveted “recommended” stamp of approval. Moreover, it was called the “pick of the litter” of the group that included Check Point Software, Cyberoam, Dell SonicWALL, LogRhythm, McAfee, NetIQ, SolarWinds, and more.
Though Microsoft announced they plan to kill off Patch Day for Windows 10, it’s still alive and kicking in May. Today’s video shares the Patch Day highlights and recommends which updates you should prioritize.