Welcome!

Information Security and Network Awareness

Hurricane Labs

Subscribe to Hurricane Labs: eMailAlertsEmail Alerts
Get Hurricane Labs via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Hurricane Labs

Folks who know me know one thing about me for certain, I am a conflicted individual. On the one hand I detest encryption as a security mechanism and on the other I LOVE encryption as a privacy mechanism. In the same day, nay, sometimes in the same hour I can argue for and against SSL and sometimes to the same person! I guess it helps to be able to have conflicting opinions on things but it gets confusing so I thought I'd do a quick post on why SSL is both good and bad. Away we go: Cons: SSL should never be used a security mechanism on its own, unfortunately the traditional uses often do but it is simply not designed for that. When you read on a website "our site is 100% secure because we use industry grade encryption" then know you are reading a falsehood. This is something that has spread throughout the web like a cold spreads through a preschool. It is simply untr... (more)

Hurricane Beacon 2011-01-24

---------------------------------- Daily News 2011-01-24 ---------------------------------- ---------------- CRITICAL ---------------- Adobe Flash Player vulnerabilities - [http://seclists.org/bugtraq/2011/Jan/132] - "…possibly resulting in the execution of arbitrary code with the privileges of the user running the application, or a Denial of Service." Adobe Reader vulnerabilities - [http://seclists.org/bugtraq/2011/Jan/133] - "…possibly resulting in the execution of arbitrary code with the privileges of the user running the application, or a Denial of Service." VLC Media Player - [http://... (more)

Hurricane Beacon 02-17-2011

---------------- CRITICAL ---------------- openafs security update - [http://seclists.org/fulldisclosure/2011/Feb/347] phpmyadmin security update - [http://seclists.org/fulldisclosure/2011/Feb/352] Django vulnerabilties - [http://seclists.org/fulldisclosure/2011/Feb/384] Cisco Security Agent Management - [http://seclists.org/bugtraq/2011/Feb/195] ----------------- SECURITY ----------------- IT Pros Admit to Retaining Security Access at Former Job Sites - [http://www.eweek.com/c/a/Security/IT-Pros-Admit-to-Retaining-Security-Access-at-Former-Job-Sites-Survey-341472] Cyber-attack hits Canadian... (more)

Beacon Podcast – Episode 016

Hurricane Labs Beacon Podcast Episode Number: .016 – Somebody’s Watching Me Edition Hosts: Bill Mathews (@billford), Matt Yonchak (@mattyonchak), Patrick Sayler (@psayler), Josh Evans (@jsevans59) Facebook Holds “Deleted Photos - Why put it up if you want to delete it? - Is anyone surprised? Amazon Prime Streaming Viacom - Brings more content - Closer to Netflix-level streams - Matt likes prison shows - RANDOM CRIME DRAMAS Trustwave Issues DECRYPT ALL THE THINGS Super Cert - “Not common practice” - Then how did it happen!? Mandatory Disclosure for IT Security Companies - A novel idea - ... (more)

Beacon Podcast – Episode 018

Hurricane Labs Beacon Podcast Episode Number: .017 – DinoRAWRS Edition Hosts: Bill Mathews (@billford), Matt Yonchak (@mattyonchak), Patrick Sayler (@psayler) Chrome to support Do Not Track privacy feature - Not sure we believe them - Target knows when you’re pregnant - Bill likes shoes Ancient Computers in Use Today - Subway systems are olddd - Bill has old friends - Parents throw away cherished items Google Search History - Remove search history before privacy policies merge - Don’t search for things you don’t want seen? Employees Don’t Follow Policies - SHOCKING - Security Awareness ... (more)