Monday, October 26, 2015

Two For One: Steam Link Root Access, WD MyPassport Encryption Vulnerabilities

Hey everyone! In this post, I wanted to talk about two interesting things I came across this week.  First, now that the Steam Link is shipping pre-orders, people have started to play around with it and see what it can do.  It looks like it is another embedded device running Linux.  That makes for some interesting possibilities.  Second, with encryption becoming more and more mainstream lately, more manufacturers have incorporated it into their products.  That does not mean they always do it right.  Let's get started...

Monday, October 19, 2015

Quickie: Yet Another Flash Zero Day

Hey everyone!  This will be a quick post, but I wanted to write something about the newest Flash vulnerability that has been a hot topic of discussion this week.  Trend Micro wrote up a short analysis of the vulnerability here, and you can check out the associated CVE here.

I have read a number of posts from people and websites (like this one) that say the best course of action is to uninstall Flash.  This is great advice if you do not visit sites that require Flash.  I always believe that if there is a piece of software installed on your box that you do not need, you should get rid of it.  Each piece of software installed on your box is a potential attack vector.  However, some financial institutions and corporate websites still use Flash, so uninstalling might not be an option for you.  What do you do then?

Monday, October 12, 2015

Vigilante "Malware"?

Hey everyone - I guess I could not stay away.  I will try to post something new when I can, but I do not want to sacrifice quality just to get something out.  I will try my best to post every week or every other week.

Today, I wanted to talk about an interesting article that I read about so-called "vigilante" malware.  The full article was written by Symantec, and is available here.  Allegedly, source code is available here, but I would take that with a grain of salt.   The malware is dubbed Linux.Wifatch and has actually been around since 2014 (and maybe as early as 2013).

Monday, October 5, 2015

Examining Linux Process Memory: Part 2

Hi everyone!  This is the final installment in our look at Linux process memory.  Before we dive in, I want to mention one thing.  Going forward, I think the cadence of these posts is going to change a bit.  Due to some things going on, I am going to try to post once every two weeks for a little while.  This blog is not my day job, so I can only spend spare time on it.

With that out of the way, let's pick up where we left off last week.