RSS Feed
Latest Updates
Dec
21

Log into most any Linux system by hitting backspace 28 times
// Engadget

Security researchers have discovered a ludicrously simple way to hack into a number of Linux distributions: Just tap the backspace key 28 times in a row. A team from the Cybersecurity Group at Polytechnic University of Valencia (UPV) in Spain found that doing so for builds utilizing the ubiquitous Grub2 bootloader -- that's to say just about all of them -- immediately bypasses the lock screen, initiates the "Grub rescue shell" and grants the user access to the system for whatever nefarious .

The team found that the backspace trick triggers a memory error, which in turn launches the rescue shell. The bug isn't a huge threat -- I mean, a hacker would need physical access to your machine in order to exploit it -- especially now that Ubuntu, Red Hat, and Debian all have released patches.

Source: Motherboard

----

 


Read more »



Apr
23
Follow us on Twitter
Posted by Jonathan Steichen on 23 April 2013 10:13 AM

Clients, future clients and Cloud enthusiasts:

Please join us on Twitter @VigilantCloud 

There, we will share upcoming events, breaking news, maintenance schedules, company and industry updates...and much more!

Thank you for following us @VigilantCloud

Vigilant Technologies
Cloud Engineers


Read more »



Nov
7

Valued Clients,

Affected users

  • The following alert effects consumers using vCenter.  If you are using vCenter, then the attached VMWare KB article will be familiar to you.
  • If you are running vCenter 4.0.x, or have upgraded vCenter from 4.0.x, please read the below article:

Symptoms

After applying the Microsoft Security Advisory update noted in KB2661254:

Cause

vCenter Server 4.0.x by default uses RSA certificates which are 512 bits and therefore cause vCenter Server to fail. The update in Microsoft Security Advisory, KB2661254, blocks the use of RSA certificates which are less than 1024 bits long....

If you have any questions, please feel free to contact us via email, chat or phone.

Thank you,
Vigilant Technologies Engineering

Read more »



Sep
21

We at Vigilant value our customers safety and feel obligated to you to make you aware of two very serious issues:

1) Microsoft has released "Microsoft Security Bulletin" MS12-063-Critical today. It is a vitally important patch if you are running Internet Explorer 6, 7, 8 & 9.

Why this is important:  If you visit or get redirected to a specially crafted web page, it can take advantage of a security hole that would allow an intruder to run programs remotely on your computer as if they were you. These programs can run in the background where you would not be aware of them. 

You can download the patch by running windows update on your machine: (Please be aware that you will be asked to reboot your machine at the end of the installation)

  • Click the start button
  • Click "All Programs"
  • Click on "Windows Update"
  • Click on "Check for updates" on the left pane of the window
  • Click on the "XXX important updates are available" on the right
  • Under the "Windows 7" (or what ever version you are running) section check the box for the item that ends in (KB2744842) and any other updates you wish to add and click "OK"
  • Now click on the button with the  blue and yellow shield & "Install updates"
  • Let it run & reboot

You should now be protected from this vulnerability.

Reference Links:

  • http://technet.microsoft.com/en-us/security/bulletin/ms12-063
  • http://technet.microsoft.com/en-us/security/advisory/2757760

2) The second issue we would like to make you aware of is a "Java" vulnerability. 

Why this is important: virtually every machine that surfs the internet processes "Java" code. It is one of the most common componenets of any web page. If you visit or get redirected to a specially crafted web page, it can take advantage of a similar security hole like the one above that would allow an intruder to run programs remotely on your computer as if they were you. These programs can run in the background where you would not be aware of them. 

This vulnerability is not limited to Internet Explorer it can affect ANY browser on Windows or OSx.

You can download the patch from here: http://www.oracle.com/technetwork/java/javase/downloads/jre7u7-downloads-1836441.html

Good Executive Summary: http://reviews.cnet.com/8301-13727_7-57503787-263/oracle-patches-java-7-vulnerability

Thank you & Safe computing,
Vigilant Staff


Read more »



Jul
8
Malware may cause loss of internet
Posted by Carl Ingram on 08 July 2012 05:41 PM

The government is shutting down a server that helps computers infected with the DNS Changer malware access the internet.

This malware would redirect your browser to a site that would be ued to capture your sensitve information so that it could used for fraudulant purposes. For several years now, the Department of homeland security has taken an offensive approach to tackling cybersecurity.

To ensure you do not have this virus, please review this article , or for windows systems, download the malicious software remove tools. If your computer as already lost internet access, download the tools in this article to another computer or your smart phone and copy them to the infected computer.

Related links:

Thank you,
Vigilant staff


Read more »