Categories

Secure Linux Systems Require Savvy Users

Linux securityPatches are available to fix the bash vulnerability known as Shellshock, along with three additional security issues recently found in the bash shell. The patches are available for all major Linux distros as well as for Solaris, with the patches being distributed through the various distros.

After the patch is applied, there are a couple of commands that can be run from a terminal to ascertain [...]

Continue reading Secure Linux Systems Require Savvy Users

When the Police Can Brick Your Phone

“Tyranny. Pure and simple. If it is software, somebody will find a way to hack it. If it is hardware, ‘old’ smartphones will be worth their weight in platinum.”

My friend Ross from Toronto made this comment with a link he posted on Facebook to The Free Thought Project’s article on a new about-to-be law in California. The law mandates a kill switch on all new smartphones, allowing the owner of a stolen phone to [...]

Continue reading When the Police Can Brick Your Phone

USB Ports Are No Longer Your Friend (If They Ever Were)

usbthumbdrive

Just because the good guys have discovered a new security risk doesn’t mean the bad guys haven’t known about it forever. The risk is only new to us. It’s actually been there for a long time, maybe forever. Who knows how long everyone from the black hats in Moscow to the NSA in bucolic Maryland have been taking advantage of what appears to us to be a “new” exploit?

The USB security hole recently unveiled [...]

Continue reading USB Ports Are No Longer Your Friend (If They Ever Were)

eBay Hacked – Will Ask Users to Change Passwords

eBay announced this morning that they’ve been hacked and that “encrypted passwords and other non-financial data” have been compromised. They’re expected to begin notifying their customer base later today, which will include a suggestion for users to change their passwords. The company says that PayPal, an eBay subsidiary, uses its own servers and was not affected by the attack.

According to CNET, the first public news of the compromise came by way of a cryptic [...]

Continue reading eBay Hacked – Will Ask Users to Change Passwords

WordPress Jetpack Sharing Plugin Exploited by Spammers

The sharing feature of the Jetpack plugin for WordPress is currently being exploited for the purpose of sending spam and possibly for DDOS attacks. FOSS Force became aware of this after we began looking into emails being sent to us by our server’s security system, notifying us of massive amounts of email being sent from our server. An investigation by our IT people traced the problem to the “Sharing” function of the Jetpack plugin.

Jetpack [...]

Continue reading WordPress Jetpack Sharing Plugin Exploited by Spammers