According to wired, Github was hit with 1.35 terabits traffic on wednesday at 12:15 pm (ET). This incredible powerful DDoS originated from over 100,000 memcached servers that are currently exposed on the web. The attack was mitigated by Akamai this time. You can find more information on Wired.
Twitch.tv, the live streaming platform now owned by Amazon.com, might have suffered a data breach. In a short blog post on the Twitch Blog, they state that […] there may have been unauthorized access to some Twitch user account information […] – Twitch Blog They’ve disconnected all associated twitter and steam accounts and forced a […]
The new OpenSSL patch I’ve written about yesterday is now released. Shortly before the release they had to fix another issue within the OpenSSL patches which are now released. You can find new Version here: http://openssl.org/source/ – the packages for most linux distributions are probably in the work right now. (Check relevant links below) As the […]
The OpenSSL team announced that there will be security fixes in the OpenSSL releases 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf which will be published on the 19th march. The announcement states that the highest severity being fixed is “high”. The highest severity defect fixed by these releases is classified as “high” severity. – OpenSSL Project Team The OpenSSL […]
And once again an OpenSSL vulnerability has been disclosed. It was disclosed by Karthikeyan Bhargavan and the mitLS team. As every vulnerability needs a fancy name these days, this one is called FREAK attack. The vulnerability allows attackers to intercept HTTPS connections between vulnerable clients and servers and force them to use ‘export-grade’ cryptography, which can then be […]
[Please read the update at the bottom!] While working on setting up Data Leakage Protection Endpoint in a production environment, Security Specialist Mekin Pensen discovered that Dropbox touches way more files than it actually should. In his test, he installed Dropbox to the C: Partition of his windows computer and opted-in for selective sync, which states […]
Everyone is a fan of great music – I love electronic music. Some days ago a friend of mine sent me a link to a 24/7 “Monstercat” live channel. As I’m working for a livestreaming production company as well, I wanted to see how they’re doing stuff. Being highly curious I started checking out the […]
Software pre-installed by the hardware manufacturer is rarely useful. That’s nothing new. Most system administrators are re-installing notebooks and computers before they’re using them. This is probably the reason that this security nightmare has not been discovered before. Lenovo is a known brand for its business notebooks. Chris Palmer, a developer working for Google on […]