Frank Crast, Author at Securezoo

Microsoft August 2018 patch updates

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / August 15, 2018 / .NET, Edge, Exchange, Microsoft, Office, SQL Server, Windows

Microsoft issued the August 2018 Security Updates that include over 60 unique vulnerability fixes, 19 of them rated critical and two zero days actively exploited.

Microsoft August 2018 patch updates Read More »

Oracle Database security alert

Leave a Comment / Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / August 14, 2018 / CVE-2018-3110, Database, Oracle, Vulnerabilities

Oracle has released a Security Alert Advisory for an Oracle Database vulnerability (CVE-2018-3110) in versions 11.2.0.4 and 12.2.0.1 on Windows.

Oracle Database security alert Read More »

TLS 1.3 protocol is officially standard

Application Security, Cryptography, Data Privacy, Standards & Guidelines / Frank Crast / August 14, 2018 / encryption, IETF, RFC 8446, SSL, TLS, TLS 1.3

The Transport Layer Security (TLS) 1.3 has officially become a standard last week. The new TLS standard now offers improved privacy, security and performance to the internet security protocol.

TLS 1.3 protocol is officially standard Read More »

Security researcher discovers macOS zero-day vulnerability

Leave a Comment / Vulnerabilities & Exploits, Zero-days / Frank Crast / August 13, 2018 / Apple, CVE-2017-7150, Defcon

A security researcher was able to demonstrate in last week’s Defcon conference how a vulnerability (CVE-2017-7150) in recent versions of macOS could be exploited and lead to a “synthetic” mouse-click cyber attack.

Security researcher discovers macOS zero-day vulnerability Read More »

Many organizations lacking adoption of key CIS controls

Asset Management, Configuration Management, Cybersecurity Articles, Endpoint Security, Identity & Access Management, Vulnerabilities & Exploits / Frank Crast / August 11, 2018 / CIS, SANS

A recent survey conducted by Tripwire revealed organizations are not fully adopting security controls from key benchmarks, such as the Center for Internet Security (CIS).

Many organizations lacking adoption of key CIS controls Read More »

AWS S3 error exposes data on 31K GoDaddy servers

Cloud Security, Configuration Management, Identity & Access Management / Frank Crast / August 10, 2018 / Amazon, AWS, Cloud, configuration management, GoDaddy, S3, server

Cybersecurity firm UpGuard has discovered an error in Amazon AWS bucket configuration that led to the exposure of internal GoDaddy infrastructure data.

AWS S3 error exposes data on 31K GoDaddy servers Read More »

Hackers target PGA servers with ransomware

Leave a Comment / Cybersecurity Attacks, Malware / Frank Crast / August 9, 2018 / golf, malware, PGA, Ransomware

Hackers targeted servers belonging to the Professional Golfers’ Association of America (PGA) and encrypted files hosted on those systems with ransomware.

Hackers target PGA servers with ransomware Read More »

BIND security advisory

Leave a Comment / Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / August 8, 2018 / BIND, DNS, ISC, Vulnerabilities

The Internet Systems Consortium (ISC) has issued a high severity security advisory that addresses a security vulnerability in multiple versions of ISC Berkeley Internet Name Domain (BIND).

BIND security advisory Read More »