LastPass Possibly Hacked, Users Forced to Change Master Passwords: Online Collaboration «.
Do you use some kind of password management software or system? I never have until I spent a lot of time checking into LastPass and began using it a while ago. I don’t know that there is a real problem until more information on this problem comes out but it certainly will make me look into other options.
Well, that ain’t good! WordPress hacked.
And the Dark Reading article makes it sound possibly a lot worse. Notice the part about Facebook and Twitter.
A good reason to update to Adobe X and the latest version of Chrome. I like the sandboxing used in both, makes me feel like I’m being safer at least!
Hackers exploit Flash zero-day, Adobe confirms – Computerworld.
I love reading about cryptography and ran across this article. Do you really worry when someone finds a weak link in a certain cryptographic technique that would be almost impossible to really cause a problem? I think about that every time I read about every time a problem comes up related to something like MD5 or Tripple DES. I know it can be a problem but is anything completely uncrackable?!
What All This MD5 Hash Stuff Actually Means [Technology Explained]
via What All This MD5 Hash Stuff Actually Means [Technology Explained].
Who has played with Firesheep? I read a lot about it a while ago but never got around to playing with it. It sounded like a neat little tool to mess with folks but actually the best thing I like about it is what it will probably force a lot of social site to do. It should force a lot of SSL in sites that are now pretty insecure. What do you think?
I have gotten a ton of these emails in the last 48 hours and have to admit I clicked on one. Not sure what it may have done to my Windows 7 64 bit machine but I will be checking into it. You might want to pay attention to what you click on as usual. Even us geeks click on things we shouldn’t!
via Fake LinkedIn e-mails lead to Zeus Trojan | InSecurity Complex – CNET News.
I guess we knew this was coming but where will this stop? The government can probably already do more than we know or think they can do and now they are telling us they are going to do it!
U.S. Tries to Make It Easier to Wiretap the Internet – NYTimes.com.
Short article below related to the out of cycle patch Microsoft made available for the .LNK issue but the article also mentions how the fix isn’t for Windows XP SP2 machines. I wonder how many machines at homes will be open to this for years!
The issue recently published with shortcuts has me a little bothered. SANS has raised it’s INFOCON level to yellow (More Here) already and from what I’ve heard in podcasts over the weekend, it sounds like it can be more of a problem that what I read on Microsoft’s site. Microsoft Security Advisory (2286198)
I heard over the weekend in a podcast that this not only can be started with a bad USB device, over a corporate network or by WebDAV, but an also spread by Microsoft Documents, Outlook and favicons in websites. The next big issue that I think of is that I suppose when and if Microsoft comes out with a fix, Windows 2000 and Windows XP SP2 will not get it not that we are past it’s support life. I guess this could be getting blown out of proportion but couldn’t this be the next big worm since you don’t necessarily have to click on anything and it doesn’t matter if you have Autorun turned off?
Is it time for folks to move to something like Windows 7 with AppLocker, use a tool like Sophos came out with, or just wait and see what happens?
Is your router on the list and of course they couldn’t test them all. This is an interesting hack and I would think you could do a lot more than hack DNS but I’m no hacker! I would think that after switching to an internal IP there might be a lot more you could do.
“Millions” Of Home Routers Vulnerable To Web Hack « The Firewall – Forbes.com.