A very good read on how bad the Adobe breach was. It also answers the question of how Facebook was able to tell that a user's Adobe password was the same as their Facebook password, even though Facebook stores neither the password nor an encrypted copy of it, only a salted hash: the plaintexts recovered from the Adobe dump were run through Facebook's own hashing, per user, and compared with what it already had on file. It is also truly scary how easily passwords can be determined given a large enough sample size. Adobe had encrypted every password with a single key in ECB mode and no salt, so every user with the same password had the same ciphertext, and the password hints were stored in the clear next to them.
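As an added illustration (not from the linked article or the original post), the Python below reproduces both halves of that in miniature on a constructed sample of six accounts. The "Adobe" half uses a stand-in block function in ECB mode without salt, so identical passwords, and even identical eight-character prefixes, collide and the hints can be pooled across users; the "Facebook" half stores only a salted PBKDF2 hash and tests cracked plaintexts by re-hashing them under each user's own salt. The cipher stand-in, the key, the accounts and the hints are all assumptions made for this example; neither company's real code is shown.

```python
import hashlib
import hmac
import os
from collections import Counter, defaultdict

BLOCK = 8  # 3DES block size in bytes


def ecb_encrypt(key: bytes, password: str) -> bytes:
    """Stand-in for Adobe's unsalted 3DES-ECB (assumption: a keyed, deterministic block
    function, truncated HMAC, so no third-party crypto library is needed). The property
    the attack relies on is preserved: equal plaintext blocks give equal ciphertext blocks."""
    data = password.encode()
    data += b"\x00" * (-len(data) % BLOCK)  # zero-pad to whole blocks (assumed padding)
    return b"".join(hmac.new(key, data[i:i + BLOCK], hashlib.sha256).digest()[:BLOCK]
                    for i in range(0, len(data), BLOCK))


# Constructed sample of leaked records. A real dump holds (email, ciphertext, hint);
# the plaintext column exists here only to build the fixture.
SITE_KEY = b"constructed-site-wide-key"
SAMPLE_USERS = [
    ("a@example.com", "123456", "numbers"),
    ("b@example.com", "123456", "1-6"),
    ("c@example.com", "123456", "the usual"),
    ("d@example.com", "password", "obvious"),
    ("e@example.com", "password1", "obvious plus one"),
    ("f@example.com", "correct horse", "xkcd"),
]
LEAK = [(email, ecb_encrypt(SITE_KEY, pw), hint) for email, pw, hint in SAMPLE_USERS]


def group_identical(leak):
    """No salt: users with identical ciphertext share a password, so their hints pool."""
    groups = defaultdict(list)
    for email, ct, hint in leak:
        groups[ct].append((email, hint))
    return groups


def group_first_block(leak):
    """ECB leaks more than equality: an equal first block means the first eight
    characters match, even when the rest of the password differs."""
    groups = defaultdict(set)
    for email, ct, _ in leak:
        groups[ct[:BLOCK]].add(email)
    return groups


def most_common_group(leak):
    """Rank ciphertexts by frequency; the largest group is almost always a trivial
    password, and the pooled hints usually name it outright."""
    counts = Counter(ct for _, ct, _ in leak)
    ct, n = counts.most_common(1)[0]
    return n, [hint for _, c, hint in leak if c == ct]


# --- The Facebook side: only a salted hash is stored, never the password itself ---
def store_password(password: str, salt=None):
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000)


def reused_from_leak(stored, cracked_candidates):
    """Re-hash each plaintext recovered from the leak with this user's own salt and
    compare; a match proves reuse without the site ever holding the plaintext."""
    salt, digest = stored
    return any(hmac.compare_digest(digest, hashlib.pbkdf2_hmac("sha256", c.encode(), salt, 10_000))
               for c in cracked_candidates)
```

Run `most_common_group(LEAK)` and the three pooled hints ("numbers", "1-6", "the usual") give the password away without touching the cipher; `group_first_block(LEAK)` shows why a salt would have mattered even for users whose passwords differed.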
It is interesting to note that you could be the unfortunate recipient of a DoS attack from Google/Bing/Yahoo simply because someone publishes a page full of links to URLs on your site that trigger expensive database queries; the crawlers dutifully fetch every one of them and bring your server to its knees. The real lesson here is that you should NEVER build or execute SQL from user-supplied data (URL parameters included) without vetting it first, and that the work a single request can trigger should be bounded. The secondary lesson is that you should (if you can) limit how fast search engines hit your server via your robots.txt file (from here):
If your web application does have issues with handling occasional requests (for example one request per second), you can slow down Bing and Yahoo with the following entry in robots.txt:
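The robots.txt listing the quoted text refers to is not reproduced on the page; the fragment below is an added reconstruction from its description (a Crawl-delay in seconds, which Bing and Yahoo honour). The user-agent tokens are the ones those crawlers use, added here as an assumption about what the original listing named:

```text
User-agent: bingbot
Crawl-delay: 120

User-agent: Slurp
Crawl-delay: 120
```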
This will ask crawlers to wait at least 120 seconds between requests. For Google, you can define the delay in the webmaster tools.
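As an added example (not from the post or the article it links to), the Python below puts the vulnerable pattern next to a hardened one against an in-memory SQLite table constructed for the demo: the first splices a URL parameter straight into the statement, so whoever writes the link, and every crawler that follows it, dictates both what the query says and how much it costs; the second validates the parameter, binds it through placeholders and gives SQLite a work budget via its progress handler so one request cannot monopolise the database. The table, the 50-id cap and the instruction budget are assumptions for this example.

```python
import sqlite3

MAX_IDS = 50  # assumption for this example: the most ids one request may ask for


def make_db(rows=1000):
    """Constructed in-memory table standing in for the application's database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO products (id, name) VALUES (?, ?)",
                     [(i, f"product-{i}") for i in range(1, rows + 1)])
    return conn


def lookup_vulnerable(conn, ids_param):
    """The anti-pattern: the raw URL parameter (?ids=...) is spliced into the statement.
    A crafted link can turn a three-row lookup into a full-table dump, or into a
    self-join that runs for minutes, and a crawler will happily request it."""
    sql = f"SELECT id, name FROM products WHERE id IN ({ids_param})"
    return conn.execute(sql).fetchall()


def parse_ids(ids_param):
    """Vet the parameter first: comma-separated positive integers, bounded in number."""
    parts = [p.strip() for p in ids_param.split(",") if p.strip()]
    if not parts or len(parts) > MAX_IDS:
        raise ValueError(f"expected 1..{MAX_IDS} ids")
    if not all(p.isdigit() for p in parts):
        raise ValueError("ids must be positive integers")
    return [int(p) for p in parts]


def lookup_hardened(conn, ids_param, max_vm_steps=200_000, interval=100):
    """Validated input, a parameterised statement, and a hard cap on the work SQLite may
    spend on this request: the progress handler runs every `interval` VM instructions and
    interrupts the statement (OperationalError) once the budget is spent."""
    ids = parse_ids(ids_param)
    budget = [max_vm_steps]

    def tick():
        budget[0] -= interval
        return 1 if budget[0] <= 0 else 0  # a non-zero return aborts the statement

    conn.set_progress_handler(tick, interval)
    try:
        placeholders = ",".join("?" * len(ids))
        sql = f"SELECT id, name FROM products WHERE id IN ({placeholders})"
        return conn.execute(sql, ids).fetchall()
    finally:
        conn.set_progress_handler(None, 0)


if __name__ == "__main__":
    db = make_db()
    crafted = "1) OR 1=1 OR (1"  # what an attacker puts in the link the crawler follows
    print("vulnerable rows returned:", len(lookup_vulnerable(db, crafted)))
    try:
        lookup_hardened(db, crafted)
    except ValueError as e:
        print("hardened rejected it:", e)
```

The placeholder list is built from the count of validated integers, never from the text of the parameter, so the SQL never changes shape; the budget in the progress handler is the part most applications forget, and it is what turns "a slow page" into "a request that fails fast" when a crawler is hammering it.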
The company says this exploit will not affect Office 2013, but will affect older versions such as Office 2003 and Office 2007.
When you try to open the Exchange Management Console this error occurs:
The attempt to connect to http://sbs2011.domain.local/powershell using Kerberos authentication failed: Connecting to remote server failed with the following error message: The WS-Management service cannot process the request. The system load quota of 1000 requests per 2 seconds has been exceeded. Send future requests at a slower rate or raise the system quota. The next request from this user will not be approved for at least 1522693632 milliseconds. For more information, see the about_Remote_Troubleshooting Help topic.
The fix is simply to run iisreset from an elevated command prompt. The remote PowerShell endpoint the console connects to is hosted in IIS, so restarting it resets the counter that produced the error (the 1522693632 milliseconds above is about 17 days, so waiting it out is not an option).
After reading this we are recommending that anyone with a Netgear router/firewall product check the following URL:
If the URL prompts you for a username and password there is no cause for concern. If, HOWEVER, it shows you a router page without asking you to authenticate, we STRONGLY recommend turning off remote administration on the router until Netgear issues an update, or replacing it with a router/firewall from another vendor. Run the check from outside your own network (a phone on mobile data, for example) against your public address, since remote administration is what the router exposes on its WAN side; what you see from the LAN proves nothing about that.
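As an added example (not part of the original post), the Python below performs the check described above against a remote-administration URL and classifies the answer: a 401 / WWW-Authenticate challenge is the healthy result, a page served with a 200 is the exposure, and a closed or filtered port means remote administration is not reachable at all. The host, port and path are whatever the advisory names (the URL is not reproduced here); the small HTTP server at the bottom is a constructed stand-in for a router so the example runs offline, and the same probe applies to any vendor's remote-management page.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer


def probe(host, port, path, timeout=5.0):
    """GET the remote-administration URL and classify the response:
    'auth-required'  - 401 or a WWW-Authenticate challenge: the expected result
    'exposed'        - a 2xx page with no authentication: disable remote administration
    'unreachable'    - connection refused/timed out: nothing listening on that port
    'other:<status>' - anything else (redirects to a login page land here; look manually)"""
    try:
        conn = http.client.HTTPConnection(host, port, timeout=timeout)
        conn.request("GET", path, headers={"User-Agent": "admin-exposure-probe"})
        resp = conn.getresponse()
        status = resp.status
        resp.read()
        conn.close()
    except (OSError, http.client.HTTPException):
        return "unreachable"
    if status == 401 or resp.getheader("WWW-Authenticate"):
        return "auth-required"
    if 200 <= status < 300:
        return "exposed"
    return f"other:{status}"


class FakeRouter(BaseHTTPRequestHandler):
    """Constructed stand-in for a router's WAN-side web interface, serving one protected
    and one unprotected page so the probe can be exercised offline. Not real firmware."""

    def do_GET(self):
        if self.path == "/protected.html":
            self.send_response(401)
            self.send_header("WWW-Authenticate", 'Basic realm="router"')
            self.end_headers()
        elif self.path == "/exposed.html":
            body = b"<html><body><h1>Router administration</h1></body></html>"
            self.send_response(200)
            self.send_header("Content-Type", "text/html")
            self.send_header("Content-Length", str(len(body)))
            self.end_headers()
            self.wfile.write(body)
        else:
            self.send_response(404)
            self.end_headers()

    def log_message(self, *args):  # keep the demo quiet
        pass


def run_demo():
    """Start the fake router on a random loopback port, probe three paths, shut it down."""
    server = ThreadingHTTPServer(("127.0.0.1", 0), FakeRouter)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    port = server.server_address[1]
    try:
        return {p: probe("127.0.0.1", port, p)
                for p in ("/protected.html", "/exposed.html", "/missing.html")}
    finally:
        server.shutdown()
        server.server_close()


if __name__ == "__main__":
    for path, verdict in run_demo().items():
        print(f"{path}: {verdict}")
```

Against a real device, call `probe("<your public IP>", 8080, "<path from the advisory>")` from outside the network; the 8080 is only a common remote-administration port and is an assumption, so use whatever port your router is configured for.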
The Cryptolocker ransomware is still going strong. Once a computer is infected it encrypts every "document" file it can find, selected by file extension, and gives the user 72 hours to pay the ransom ($300 USD or 2 BTC). It encrypts not only local files but also any files on shared or mapped drives the infected account can write to, which is why backups that the logged-in user cannot overwrite are critical. It is one of the few pieces of ransomware that does the encryption *correctly* (the key needed to decrypt never leaves the attackers' server), so at present, short of paying the ransom, there is no way to get the files back. Bleeping Computer has a good write-up of the virus and what to do:
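One thing the "encrypted by extension" behaviour gives a defender is something to look for. The Python below is an added example (not from the Bleeping Computer write-up or the original post): it walks a share and flags files that carry a document extension but whose contents no longer start with that format's magic bytes and look random (high Shannon entropy), which is what an encrypted document looks like on disk. The extension list, the 7.5 bits-per-byte threshold and the sample files are constructed for this example; a real deployment would tune them, and very small files give unreliable entropy.

```python
import math
import os
import tempfile
from collections import Counter

# Magic bytes for common document formats (the extension list is an assumption for the
# example; extend it to whatever your users actually store).
MAGIC = {
    ".pdf": (b"%PDF",),
    ".docx": (b"PK\x03\x04",), ".xlsx": (b"PK\x03\x04",), ".pptx": (b"PK\x03\x04",),
    ".doc": (b"\xd0\xcf\x11\xe0",), ".xls": (b"\xd0\xcf\x11\xe0",), ".ppt": (b"\xd0\xcf\x11\xe0",),
    ".jpg": (b"\xff\xd8\xff",),
}
DOCUMENT_EXTENSIONS = set(MAGIC)


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; plaintext documents sit well below 8, ciphertext sits just under 8."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def looks_encrypted(path, sample=4096, entropy_threshold=7.5):
    """A document whose header no longer matches its extension AND whose bytes look random.
    Compressed formats (DOCX/XLSX are zip files) have high entropy too, which is why the
    magic-byte check comes first: an intact container keeps its header."""
    ext = os.path.splitext(path)[1].lower()
    with open(path, "rb") as f:
        head = f.read(sample)
    magic_ok = any(head.startswith(m) for m in MAGIC.get(ext, ()))
    return (not magic_ok) and shannon_entropy(head) >= entropy_threshold


def scan(root):
    """Return the relative paths of document-extension files that look encrypted."""
    flagged = []
    for dirpath, _, files in os.walk(root):
        for name in files:
            if os.path.splitext(name)[1].lower() not in DOCUMENT_EXTENSIONS:
                continue
            path = os.path.join(dirpath, name)
            if looks_encrypted(path):
                flagged.append(os.path.relpath(path, root))
    return sorted(flagged)


def make_sample_tree():
    """Constructed fixture: an intact PDF, an intact DOCX, a DOCX overwritten with
    ciphertext-like random bytes, and a .txt the extension filter ignores."""
    root = tempfile.mkdtemp(prefix="share-")
    samples = {
        os.path.join("reports", "q3.pdf"): b"%PDF-1.4\n" + b"1 0 obj << /Type /Catalog >> endobj\n" * 50,
        os.path.join("reports", "intact.docx"): b"PK\x03\x04" + os.urandom(3000),  # valid header, high entropy
        os.path.join("reports", "encrypted.docx"): os.urandom(4096),              # header gone, random bytes
        "notes.txt": os.urandom(4096),                                              # not a document extension
    }
    for rel, data in samples.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as f:
            f.write(data)
    return root


if __name__ == "__main__":
    print(scan(make_sample_tree()))
```

Point `scan()` at the root of a share rather than the fixture to use it for real; a sudden jump in the number of flagged files, or any flagged file in a directory that is normally quiet, is the signal worth alerting on.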
# 1. Extract the private key from the PFX (you are prompted for the PFX password, then for a passphrase to protect the PEM output)
openssl pkcs12 -in «yourfile.pfx» -nocerts -out «keyfile-encrypted.enc»
# 2. Extract the client certificate only (-clcerts leaves out the CA chain, -nokeys leaves out the key)
openssl pkcs12 -in «yourfile.pfx» -clcerts -nokeys -out «certificate.crt»
# 3. Strip the passphrase so a server can load the key unattended; the result is unprotected, so restrict its permissions (chmod 600)
openssl rsa -in «keyfile-encrypted.enc» -out «keyfile-decrypted.key»
You are quite literally only as secure as the weakest link in the chain. In this case a faxed DNS change request was acted on without any confirmation that the sender had the authority to make it.
Backdoor found in D-Link router firmware code
I would recommend that you disable remote management on any of the following D-Link devices: