2014-04-29

Microsoft warns Internet Explorer 6 to 11 vulnerable to zero-day spotted in the wild

As expected we now have MS vulnerabilities that will not be patched for the XP users. So, potentially this means a lottery for the bad guys, who will have unlimited access to potentially half a billion workstations. Sure, it is possible to have mitigating controls, to avoid this vulnerability. The question is how many of the users would bother to?!

2014-04-24

An Eavesdropping Lamp That Livetweets Private Conversations

Two artists have revealed Conversnitch, a device they built for less than $100 that resembles a lightbulb or lamp and surreptitiously listens in on nearby conversations and posts snippets of transcribed audio to Twitter
Full Story 

2014-04-18

Tails - Internet Anonymity

Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship almost anywhere
Good article on it is here, and the tool's home page is here.

Update 24-Jul-14:
A serious vulnerability discovered

2014-04-16

Diving Underground: Stolen PayPal Accounts:

Below is one of the many professional and well designed websites, that offers stolen PayPal accounts, in a simple 3 step process. Buyer's anonymity is maintained, thanks to Tor, temporary emails, and the use of BitCoin.

Step #1

Step #2

Step #3

HeartBleed explained xkcd style


2014-04-10

Hearbleed Bug - Impacting OpenSSL

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. 
In short - patch this now! And change your passwords on all the websites that were impacted here.

Some explanations here
Tech help here
Home page for the bug
Easy to read explanation
A good FAQ page, management style.

Update 10-May-2014:
300K servers are still vulnerable!

2014-04-03

Windows XP to die in April 2014

Update 08-Apr-2013:
Considering there are 39% desktops on the internet still using it, it is highly unlikely that everyone will upgrade by that time. So, does this mean party time for the hackers?

Update 03-Apr-2014: 
Infection rate may jump 66% after patches end in April
28% desktops on the internet still using XP!

Update 10-Apr-2014
Risks of running XP desktops

Update 27-May-2014
A registry hack, to help get free updates until 2019!

Update 28-May-2014:
MS warns against the use of this reg hack.

Update 09-Jun-2014:
An essay on why XP is even more vulnerable, since Apr-2014?