Category Archives: Security


November 9, 2014
Author: James Willard

XConnect over IPSEC

XConnect, or L2TPv3 is a great way to extend a layer 2 broadcast network over a WAN connection to another site. It works great when you need to do things like MDNS or AirPlay, or anything else that requires a broadcast style protocol to function. With corporations and other entities, its apparent that encryption is a very important tool to ensure that communication over the open internet is secure to protect that confidential and proprietary information. L2TPv3 or Xconnect doesn’t help secure the traffic. So a solution needs…


October 2, 2014
Author: Jeremiah Plaskett

Shellshock Bash Code Injection Vulnerability Patch for Cisco Unified Communications Manager 8.5 and Above

Shellshock Bash Code Injection Vulnerability Patch for Cisco Unified Communications Manager 8.5 and Above

            New Vulnerability Affecting Cisco UC Products: A new vulnerability in the Bash shell has been publicly announced. The vulnerability is related to the way in which shell functions are passed though environment variables. The vulnerability may allow an attacker to inject commands into a Bash shell, depending on how the shell is invoked. The Bash shell may be invoked by a number of processes including, but not limited to, telnet, SSH, DHCP, and scripts hosted on web servers. All versions of GNU…


September 30, 2014
Author: Aaron Harned

Shellshock Bash Bug

Shellshock Bash Bug

If you haven’t heard, a recent security flaw known as the Bash Bug has been discovered, and threatens to compromise quite a few internet-connected systems.  This vulnerability is relatively wide-spread and can affect devices from major web servers to small-scale connected devices such as cameras or sensors. What’s worse?  That this is not a new vulnerability, just a newly-discovered one; According to sources, this flaw has existed for over 25 years.  Due to the sheer amount of -nix systems, including Apple’s OSX Operating System, that utilize some version…


May 6, 2014
Author: Aaron Harned

Understanding OSX Permissions

Understanding OSX Permissions

The Macintosh OSX platform is based on Unix, and thus, the POSIX permissions model. With OSX, you can augment these permissions with Access Control Lists (ACLs), which allow for more granularity (very similar to Windows-based permissions), however troubleshooting them can sometimes be a pain. POSIX Permissions Unix/Linux systems utilize a relatively basic structure for permissions. Each object, be it a file or folder, has 9 bits of metadata used in determining who or what has the ability to access it. This field is broken into three 3-bit sections;…


April 28, 2014
Author: James Willard

Vulnerability Found in ALL Versions of Internet Explorer

Vulnerability Found in ALL Versions of Internet Explorer

Microsoft announced on April 26th, 2014 a new ZERO DAY vulnerability that allows a computer to give a remote hacker the ability to gain full access to your computer. This affects Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11. Per Microsoft: An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website. The attacker could also take advantage of compromised websites and…


April 9, 2014
Author: Jimmy Shuman

OpenSSL Heartbleed Bug – Update Your Systems!

OpenSSL Heartbleed Bug - Update Your Systems!

A critical vulnerability in OpenSSL cryptographic software library allows attackers to gain access to information that is being protected by SSL/TLS encryption.  SSL/TLS is widely utilized throughout the internet by many different applications. This vulnerability has been labeled the “heartbleed“ bug because the attack uses the TLS heartbeat extension and can reveal up to 64k of memory to a connected client. The attacker can repeat this attack multiple times to gain all information that is being stored in memory. This includes secret keys for certificates, usernames/passwords, and confidential…