What is Hajime, and Why Should Mirai Care?

Posted by & filed under List Posts.

Hajime Versus Mirai

A malware strain called Mirai is created that amasses a botnet through exploitation of unsecured Internet of Things devices. As the number of zombie devices continues to build, the people behind the malware start to use it in distributed denial of service (DDoS) attacks. Eventually, Mirai really puts itself on the map by launching an… Read more »

How to Choose a Managed Services Provider

Posted by & filed under List Posts.

How to Choose a Managed Services Provider

What is an MSP?   In the interest of information security and staying focused on core competencies, many companies choose to work with managed services providers (MSPs). An MSP is an organization that manages the computing needs of customers. Services are performed at a distance and often funded by a subscription, a fee charged each… Read more »

Security Alert: CVE-2016-0728 – Linux

Posted by & filed under List Posts.

Over the course of the past several years, millions of servers running Linux have seen vulnerabilities that allow unprivileged users and apps to obtain root level access.  Most of the major Linux distributions are expecting to fix this vulnerability this week. According to security researchers from Perception Point, the vulnerability which is within the OS… Read more »

BIND Vulnerability – CVE-2015-5477

Posted by & filed under List Posts.

There has been a new vulnerability reported in BIND. This critical vulnerability can potentially allow an attacker to utilize BIND as a vector for a Denial of Service attack. At present, the only way to fix this vulnerability is via patch. We highly recommend patching BIND on your server as quickly as possible. If you… Read more »

OpenSSL Vulnerability – CVE-2015-1793

Posted by & filed under List Posts.

A new vulnerability specific OpenSSL versions has been discovered. Due to this vulnerability, an attacker could cause checks on untrusted certificates to be bypassed. This would then enable the attacker to use an invalid certificate. This vulnerability has been assigned ID CVE-2015-1793. Client side applications which verify certificates including SSL/TLS/DTLS & servers using SSL/TLS/DTLS may… Read more »