Uncategorized

Emergency Patch for IE — Krebs on Security

By Rick Pearson August 19, 2015 August 19, 2015 Uncategorized

All users should update their browsers – whether you use IE or not. As this is being exploited right now it is critical to get your systems patched.

Source: Microsoft Pushes Emergency Patch for IE — Krebs on Security

Google issues with WordPress sites and WordFence prior to 6.0.14

By Rick Pearson July 29, 2015 July 29, 2015 Uncategorized

We came into the office this morning to be greeted by an email from Google:

Google Crawling Issues

After a bit of research it seems that WordFence versions prior to 6.0.14 are causing this issue. SO, if you do see this issue, PLEASE upgrade to 6.0.14 and the Google Crawler will index your page correctly.

Default SSH Key Found in Many Cisco Security Appliances | Threatpost

By Rick Pearson June 26, 2015 June 26, 2015 Uncategorized

Many Cisco security appliances contain default, authorized SSH keys that can allow an attacker to connect to an appliance and take almost any action he chooses. The company said that all of its Web Security Virtual Appliances, Email Security Virtual Appliances, and Content Security Management Virtual Appliances are affected by the vulnerability.

This bug is about as serious as they come for enterprises. An attacker who is able to discover the default SSH key would have virtually free reign on vulnerable boxes, which, given Cisco’s market share and presence in the enterprise worldwide, is likely a high number. The default key apparently was inserted into the software for support reasons.

Source: Default SSH Key Found in Many Cisco Security Appliances | Threatpost | The first stop for security news

SANS: https://isc.sans.edu/diary/Cisco+default+credentials+-+again!/19839

Samsung deliberately disabling Windows Update | Debugging and reverse engineering

By Rick Pearson June 25, 2015 July 7, 2015 Uncategorized

TL; DR

If you have installed Samsung’s SW Update software then you MAY have Windows Update disabled EVEN AFTER the removal of Samsung’s SW Update software.

Check the Folder %ProgramData%\Samsung folder (usually C:\ProgramData\Samsung) and remove “Disable_Windowsupdate.exe“. Also, check for any scheduled tasks that run this program.

Source: Debugging and reverse engineering: Samsung deliberately disabling Windows Update

[Update] more on the story here: http://venturebeat.com/2015/06/23/samsung-is-actively-disabling-windows-update-on-at-least-some-computers/

When Solid State Drives are not that solid | Milliseconds Matter

By Rick Pearson June 22, 2015 July 7, 2015 Uncategorized

TL;DR
Broken SSDs with the Linux kernel (specifically Ubuntu 14.04) and TRIM support:

SAMSUNG MZ7WD480HCGM-00003

SAMSUNG MZ7GE480HMHP-00003

SAMSUNG MZ7GE240HMGR-00003

Samsung SSD 840 PRO Series
recently blacklisted for 8-series blacklist

Samsung SSD 850 PRO 512GB
recently blacklisted as 850 Pro and later in 8-series blacklist

Working SSDs:

Intel S3500

Intel S3700

Intel S3710

Source: When Solid State Drives are not that solid | Milliseconds Matter

Some 100,000 or more WordPress sites infected by mysterious malware | Ars Technica

By Rick Pearson December 17, 2014 December 17, 2014 Uncategorized

More than 100,000 websites running on WordPress content management system have been found to be infected with malware that attacks the devices of site visitors. Google has blacklisted more than 11,000 domains. Reports suggest that the attackers exploited a vulnerability in the Slider Revolution Premium plug-in, which the company has known about since September 2014.

Moral of the story: Install WordFence and keep as up to date as possible with the WordPress plug-ins.

Some 100,000 or more WordPress sites infected by mysterious malware | Ars Technica.