16Mar, 2011

Internet Explorer 9 Released

I hope no one is still running Internet Explorer 6; if you are Microsoft has a countdown and awareness campaign to get you and your grandmother to upgrade. For those that are fairly up to date, be informed you are not because Microsoft released Internet Explorer 9 today. If you are feeling risky and are […]

15Mar, 2011

Making Twitter More Secure: HTTPS

It seems the information security industry has finally convinced Twitter to enable HTTPS and provide an option to have it enabled always. Tools like FireSheep and multiple research has been pushing companies to force HTTPS all the time. Make sure to enable this especially fi you frequent public networks. Twitter has posted this blog post with […]

13Mar, 2011

SSL Renegotiation Denial of Service

Having SSL Renegotiation enabled is a denial of service attack vector. An SSL Renegotiation Man in the Middle vulnerability was reported in 2009 as CVE-2009-3555. The vulnerability relies on two key issues: having SSL Renegotiation enabled and having a vulnerable SSL Implementation (pre RFC 5746 also known as insecure renegotiation). There is another issue that ONLY requires having […]

12Mar, 2011

Facebook – Download your Information

I was going through my Facebook Account a settings as everyone should be doing and found a few new settings and options I did not know about. Facebook Account settings may be accessed through the top right of any Facebook page once you are logged in. Some changes I made today: Password – you should […]

01Mar, 2011

Windows 7 & Server 2008 R2 Service Pack 1

Microsoft was doing so well cleaning up their reputation post-Vista era until they released Service Pack 1 for Windows 7 and Windows Server 2008 R2. Even SANS Internet Storm Center has an article dedicated to identified issues with the service pack. Here is my advice: Unless you have not installed the recent patches via Windows […]

23Feb, 2011

AT&T U-Verse Open Port 3479

Most AT&T U-Verse subscribers receive a 2wire residential gateway for their subscription to Internet, TV, and VoIP phone service. I believe most subscribers get a 3800HGV-B. The user guide for that model does not mention anything about a TCP Port 3479 being opened or used by default. So I found it strange to see TCP port 3479 […]

29Oct, 2010

Hacker Halted 2010 Presentations

Hacker Halted 2010 presentations are up. If you were able to attend you know there were a few good talks. The event went way better than last years and EC-Council is making Miami, FL their home town for this conference. Check out the presentations here. Till next time,Jorge Orchilles

27Oct, 2010

Windows 7 Service Pack 1 (Release Candidate)

Microsoft announced today the Release Candidate (RC) of Windows 7 and Windows Server 2008 R2 Service Pack 1 (SP1) to the public. For those unaware of how these software rollouts “work,” the RC release generally signals that a final build is almost ready. The only new features added to the SP1 are the Windows Server […]