Tag: USCERT

Dec 19 2014

US-Cert’s Alert (TA14-353A): Targeted Destructive Malware

US-Cert has an excellent post on the Sony Malware: Alert (TA14-353A) Targeted Destructive Malware Overview US-CERT was recently notified by a trusted third party of cyber threat actors using a Server Message Block (SMB) Worm Tool to conduct cyber exploitation activities recently targeting a major entertainment company. This SMB Worm Tool is equipped with a …

Continue reading

Nov 11 2014

Another SSL Attack: POODLE

SSL used to be the foremost method for securing web communications until around 1999 when TLS 1.0 was released. BEAST demonstrated inherent flaws in the aging SSL 3 protocol (RC4!). Now, POODLE demonstrates that SSL3 needs to be disabled on the client AND server side. Note that the chance of this specific issue being the …

Continue reading