Temporal Based Intelligence
Jared's Network and Security Blog
  • Home
  • Telecom Corner
  • About
  • Contact
  • Donate
  • Site Index
  • Links

Microsoft Patch Tuesday: October 2017

October 10, 2017 Jared Hall General No Comments

Hmm.  It’s another big update.  Front and Center is CVE-2017-11826, a Remote Code Excecution, Zero-Day bug in all versions of Office 2007 and later, Word Automation Services, and Microsoft Office Web Apps server.  This is important since there are active exploits of this bug “in the wild”. Two other Zero-Day bugs were fixed, CVE-2017-8703 (DOS in the […]

More

VPN Services: A Primer

October 10, 2017 Jared Hall Internet Security, Telecom Security No Comments

So, I got an Email last week from a fellow in Estonia asking me to add his site to my list of links.  I don’t really want to link to everybody with an article, but these people did such a good job evaluating different VPN systems that it is worthy to write about it. Their site […]

More

The How & Why of Caller-ID/SMS Spoofing

October 9, 2017 Jared Hall General No Comments

Caller-ID Spoofing?  There’s an App for that! I recently received correspondence from individuals that I did not communicate and quickly determined that an unknown party has been spoofing my phone number.  Between 2006 and 2007, I did some work for a small, local CLEC that had a CLASS 5 switch in St. Petersburg.  They had […]

More

Common Mistakes Made With Your Tech Partners

October 7, 2017 Jared Hall General No Comments

ZDNet published an article “Ten mistakes to avoid when working with tech partners“, summarized herein by specifying what a company should do: Don’t treat all tech partners the same. Each of your tech partners have different functions, styles, and backgrounds.  They each contribute to your success in a different way.  You cannot manage them in […]

More

Un-Clouding: Don’t Let This Happen to You!

October 7, 2017 Jared Hall Internet Security No Comments

There was an article that was sent to me entitled “Unclouding trend is real, but preventable“.  That got my attention since the Cloud is in that period of disillusionment.  They cited a Q3 2016 survey from Datalink that stated that nearly 40% of organizations with public cloud experience have migrated systems from the Cloud to […]

More

Joomla: Security Update

October 6, 2017 Jared Hall General No Comments

Joomla corrected a bug that was created 8 years ago where an attacker can steal website administrator credentials.  The bug exists in Joomla’s LDAP (Lightweight Directory Access Protocol).  Input is not properly sanitized, so an attacker can use wildcards to progressively determine credentials. Although the bug was present for 8 years, Joomla fixed it promptly […]

More

Top Attacking Countries: September 2017

October 6, 2017 Jared Hall General No Comments

The top three countries countries continue to be Russia, United States, and Ukraine.  Russia re-assumed its position at #1.  China moved down to #5.  August 2017’s report can be found here.

More

GPS Hacked

October 1, 2017 Jared Hall General, Telecom Security No Comments

Wired ran a story about widespread GPS errors experienced with merchant vessels traveling in the Black Sea.  That story can be found here: https://www.wired.co.uk/article/black-sea-ship-hacking-russia. This has been experienced by at least 20 ships over the past year.  One ship reports errors in the GPS-powered Automatic Identification System (AIS) every time they approach the Russian port of […]

More

SSL/TLS Email Connection Testing

September 27, 2017 Jared Hall Internet Security, Spy vs. Spy No Comments

Introduction I’ve developed a Sieve script that will auto-respond with a description of how your email message was received, with a snippet of the “Received:” header If you run a mail server or use a local ISP, this is an easy way to see if connections to this site are secure. To use, simply send […]

More

Microsoft Office: No Shortage of Exploits

September 22, 2017 Jared Hall General No Comments

There exists another vulnerability (of sorts) within Microsoft Word that is actively being exploited for espionage and surveillance purposes. What is happening is that a Unicode reference to the INCLUDEPICTURE field can include a hyperlink to an external image or file, like a PHP script on a remote server. This is an OLE2 (Object Linking […]

More

«< 2 3 4 5 6 >»

Tools & Downloads

Download Center

Categories

Good Reads (PDF)

Recent Posts

  • Secure Your Amazon S3 Buckets
  • It’s almost too easy
  • Tech Support Scams
  • Apple Fixes Critically Stupid Error in High Sierra
  • Update Your Dahua NVR & IP Cameras

Donate

$
Select Payment Method
Personal Info

Donation Total: $20.00

Privacy & Cookies: This site uses cookies. By continuing, you agree to their use. Read our privacy policy here Cookie Policy

↑

  • Home
  • Telecom Corner
  • About
  • Contact
  • Donate
  • Site Index
  • Links
Temporal Based Intelligence © 2017