Tag "Security"

Short News: Forbes.com hacked back in November

Forbes released a blog post about an attack targeting forbes.com visitors back in November. While I visited the blog and found that “Thought of the Day” pretty useless (and one more click before seeing the content), it’s kind of ironic that it was in Flash once (doesn’t seem to be the case anymore) and it […]

Short News: Health Insurer Anthem data breach

Anthem Inc. (previously Wellpoint Inc.) is one of the largest health insurance companies in the United States. They’ve released a FAQ page about this data breach which could possibly affect 69 million persons (figures from their website). We are working around the clock to determine how many people have been impacted and will notify all […]

Force Flash update by command line

Flash has an auto-updater. It can, however, take some time until patches are detected and applied to the system. Especially for Flash 0-day exploits, Flash updates can be critical and should be applied immediately. I leave it up to you how to auto-apply these forced updates to all your clients. Let’s get started! Forcing […]

Another Flash 0-Day: CVE-2015-0313

Looks like we can’t have two weeks without a Flash 0-day. Today, Feb 2nd, Adobe released another security advisory revealing CVE-2015-0313. Adobe says that they’re aware of this Flash exploit being actively abused (they’re probably referring to the Trend Micro blog post). Successful exploitation could cause a crash and potentially allow an attacker to take control of […]

Check autorun entries with VirusTotal – Autoruns v13

Version 13 of Autoruns, which was released on January 29, 2015, includes a very handy feature to check unknown autorun entries with VirusTotal “automatically”. It’s integrated pretty well: you open Autoruns as usual and then just right-click and choose Check VirusTotal. After you agree to VirusTotal’s Terms of Service (yes, obviously a hash of the file […]

Turn off Nginx version display

By default, Nginx likes to show its version in the reply header of every request and on error pages. It is important to turn off the nginx version disclosure in order to prevent attackers from finding potential exploits for your nginx server version. While this is generally a problem, I suspect that the secure “do […]

“Secure” config for OpenSSH 6.6 Ubuntu 14.04

When using a standard Ubuntu 14.04 installation, it will be configured halfway secure. However, to achieve no findings on vulnerability scanners like Nessus, you’ll need to tweak the settings further. Another nice side effect is that attackers are usually using outdated systems, which means that they’re not even able to get to the authentication part. Disable […]