cross posted from US-CERT Current Activity
Cisco has released a security advisory to address a vulnerability in the Cisco IOS Software Install feature running on Cisco Catalyst Switches. Exploitation of this vulnerability may allow remote code execution by an unauthenticated attacker.
US-CERT encourages administrators to review Cisco Security Advisory cisco-sa-20110928-smart-install for information about software updates and to review the Cisco Applied Mitigation Bulletin for workaround information.
cross posted from Facebook Users Beware: Facebook’s New Feature Could Embarrass You
If you didn’t watch Mark Zuckerberg’s Facebook announcements last week — and of course the vast majority of Facebook users did not — you may be in for a surprise. Aside from the dramatically redesigned Facebook Timeline
profile pages, which roll out in the coming weeks (and which I’ve grown to love), Facebook’s new system to auto-share what you do around the web may catch many Facebook
addicts off guard.
In fact, even those people who know exactly how this new feature works may need to be on guard against sharing some seriously embarrassing updates. Continue reading
cross posted from gscan2pdf 1.0.0 released and PPA installation instructions included
Only two clicks are required to scan several pages and then save all or a selection as a PDF or DjVu file, including metadata if required.gscan2pdf can control regular or sheet-fed (ADF) scanners with SANE via scanimage or scanadf, and can scan multiple pages at once. It presents a thumbnail view of scanned pages, and permits simple operations such as cropping, rotating and deleting pages.OCR can be used to recognise text in the scans, and the output embedded in the PDF or DjVu.
Read the rest of gscan2pdf 1.0.0 released and PPA installation instructions included (145 words
cross posted from Afghanistan: Why Civilians are Killed
Why have the number of civilians killed, increased in the course of the conflict? Why do NATO-US airplanes continue to bomb civilian housing and village gatherings and ground troops indiscriminately assault homes and workshops? [...]
cross posted from Firefox 7 Available Now, Offers Improved Memory Handling and Boosted Speed [Updates]
Win/Mac/Linux: Firefox 7 surprised us in our latest round of browser speed tests, and this morning, Mozilla transitioned it from beta to official release. The new version’s biggest improvement is in memory handling, which the Mozilla team hopes finally puts some of the biggest complaints about the browser to rest. More »
In a typically detailed post on the Building Windows 8 blog Monday, the Windows 8 team underlined the advantage of using a Windows Live ID to sign into different Windows devices. According to Katie Frigon, the group program manager of the You-Centered Experience team at MS, doing so will let users have “a truly personal experience that seamlessly bridges their online and offline tasks, is simpler to set up and use, and persists across their set of Windows 8 PCs.” Hit the jump for more. Continue reading
US-CERT is aware of a vulnerability affecting the Secure Socket Layer (SSL) and Transport Layer Security (TLS) protocols. Exploitation of this vulnerability may allow an attacker to decrypt encrypted SSL/TLS traffic and obtain sensitive information.
Microsoft has released Security Advisory 2588513 to provide workarounds for this vulnerability in the Windows implementation of the SSL and TLS protocols.
US-CERT encourages Microsoft Windows users and administrators to review Microsoft Security Advisory 2588513 and implement the workarounds listed in the advisory to help mitigate the risks.
Because the SSL and TLS protocols may be used in a variety of products, users and administrators are encouraged to check with their software vendors for updated versions. US-CERT will provide updates as additional information becomes available.
via SSL/TLS Protocol Vulnerability
Virtual machines are basically made of files. They contain configuration files, virtual hard disks, snapshot files and saved state files. While running computers are virtual machines can benefit from virtualization, a lot of thought needs to be taken in order to protect the contents of the virtual machines and the VMs themselves, so that if something goes wrong, you can perform a pre-defined list of steps to successfully restore the VMs to a functional and running state.
We will cover the fundamentals of VM backup in a future article. However, in this article we want to focus on one of the basic methods of VM backup – using Windows Server Backup. Continue reading
Google Plus’ big killer feature from the start has been that it lets users organize their friends and acquaintances into Circles to control what is shared, and with whom. But creating all these curated groups seemed a little like a half baked feature seeing as you couldn’t let anyone else in on that perfectly organized group. Well, now you can. Google is rolling out the ability to share circles on Google+.
To share a Circle, just click on the Circle in question and choose Share. This will pull up the familiar composition field where you can choose who to share it with. Anyone that you’ve deemed fit to see the post will be able to see and add the people in the Circle, but not the name of it (that’s always private). The Circle can be shared with any of your Circles, or made public (where’s Xzibit?).This is a one-time post, so no one else will see future modifications to the shared Circle unless you share it again.
As usual, the feature is rolling out gradually, so get those Circles in shape. Will you take advantage of this? Any Circles you want to share?
via Google+ Now Allows You To Share Circles
Over the weekend, Dave Winer wrote an article at Scripting.com explaining how Facebook keeps track of where you are on the web after logging in without your consent. Nik Cubrilovic dug a little deeper, and discovered that Facebook can still track where you are, even if you log out. Facebook, for its part, has denied the claims. Regardless of who you believe, here’s how to protect yourself, and keep your browsing history to yourself. More »
via Facebook Is Tracking Your Every Move on the Web; Here’s How to Stop It [Facebook]