Category: Computer Tech
-
Mac OS X 0-day
Gone are the days when Mac OS X was regarded as secure and not a target for malicious code. Hackers are actively exploiting a privilege-escalation bug in the latest edition of Mac OS X caused by new error-logging features added to that version ( 10.10.4 ). The issue is serious enough that it allows drive-by attacks…
-
Security issues invade non-traditional areas
We’re mostly used to malicious attacks being associated with computer, servers, mobiles and other IT-related systems. But more and more, computing is being pushed into areas that aren’t traditional for these attacks yet are fast becoming critical areas. InternetOfThings (IoT ) devices and automotive applications are starting to appear on hackers’ radars. Some security researchers…
-
Backups and online data
This past weekend has not been a good one for Mweb Business. On Friday, some misconfiguration, glitch or human error caused the loss of many clients’ hosted systems on Mweb’s virtual hosting platform. Clients were greeted with a message stating that their new/clean virtual machines were now up with a new IP address. And no data. That…
-
Flash triple threat
The last week has been a very interesting one ( read OMG it’s almost the end of the world ) in the security world. There were new threats from all corners but Adobe Flash stole the show with 3 critical issues in 2 days. All 3 issues could result in remote code execution or DoS attacks.…
-
MS Windows critical font vuln
Microsoft release an out-of-order patch yesterday for a critical vulnerability relating to custom fonts resulting in remote execution of code on a machine. More details here: http://gizmodo.com/go-update-windows-right-now-1719187152 Note that because Windows Server 2003 has just gone end-of-life, there is no update for it.
-
Home routers: security fail
It’s no secret that I absolutely hate non-business/home-based ( ADSL/3G/other ) routers. From a security point of view, they have a history of never-ending security issues that result in a variety of malicious attacks including DNS reflection, remote control, spam, malware infections and other attacks. There are other serious issues including ( but not limited…
-
Invoiceplane takes another step
I took quite some time to find an accounts/invoicing package that suits my work style but I finally came upon Invoiceplane last year. The basic requirements were: product/service database client database create quotes create invoices send invoices via email classification of invoices and quotes ( workflow eg. created, sent, overdue, etc. ) list invoices by…
-
Online security in the shopping season
Online security should always be the focus of anyone using the internet. Yet major holidays tend to be more important seeing as there are many who only shop online around this time. Black Friday especially is a big draw-card. The fact is that online security is part common sense and part preventative maintenance. If you…
-
eMailStor Services and other
It’s not often that I blog about business services that we offer as this is supposed to be a general IT blog, however I’ve had quite a few inquiries about what it is that eMailStor does so a blog entry is the easiest … eMailStor was started to service one requirement: SMTP relay. This is…
-
Apple Pay thoughts and security
The big Apple event on Tuesday wasn’t that big a deal in my opinion. The iPhone 6 was expected although not in 2 editions but that is the least that Apple had to do to catch up with Android. Apple watch? Meh … sleek industrial design and interesting software options but ultimately I still think that smart…
-
A fascination with special characters
In the computer world, special characters can have a certain usefulness or can be a hindrance. The very first special character I learnt 25 years ago, was the colon. It was ( still is ) used as the delimiter to change drive letters in DOS. eg. if you were in drive C and wanted to go…
-
Heartbleed finally results in some resources for OpenSSL
Heartbleed continues to cause enormous issues around the globe and is being actively attacked. Saying that, the bulk of solutions and systems out there using OpenSSL have been patched by now so the risk surface is growing smaller and smaller by the day. OpenSSL President Steve Marquess wrote in a blog post last week that…
-
Heartbleed SSL attack
The latest SSL attack in the form of Heartbleed ( ref. CVE-2014-0160 ) has burst onto the scenes in the last 24 hours with a bang. Effectively, Heartbleed is a weakness in OpenSSL that allows the theft of information that is under normal circumstances protected by SSL/TLS. It allows the memory of affected systems to be…
-
The end of Windows XP
Windows XP support will officially end on April the 8th next week. This is a very important change that appears to have escaped many people. Why important? Because you will no longer be receiving any updates ( security or other ) from Microsoft for XP. That effectively means that if there is a security hole…