Bardissi Enterprises Blog

According to many reports, Russian attackers have somehow gotten their hands on 6.5 million hashed LinkedIn passwords. They have posted the hashed passwords to a Russian hacking web site, asking the hacking community to help them crack the hashes. With the increases in computing power and cracking technology, I suspect it’s only a matter of time until they have actual passwords. LinkedIn users; change your passwords immediately!

So far, no one knows exactly how these attackers were able to get their hands on LinkedIn’s password database, though LinkedIn reports they are investigating the incident. If I had to guess, I would place my bet on a SQL injection attack, as it’s a great vector for leeching this kind of data from the database backend behind a complex, insecurely coded web application.

WatchGuard will discontinue offering XTM 21, 22, and 23 hardware models for sale on June 30, 2012. This includes wired and wireless versions. At that time, hardware SKUs will be discontinued and removed from active WatchGuard price lists. Should new orders come in after June 30, 2012, they will not be accepted by WatchGuard if inventory is depleted

Subscription and support SKUs will remain active, enabling customers to renew services and enjoy the full threat prevention and content security capabilities available with this hardware platform. In addition, customers can renew their subscriptions and continue to receive technical support and access to software updates.

Verizon has reported a high level network outage in Southeastern PA. Issue seems to be causing no connections to certain providers. Some web traffic works some does not. They hope to resolve the issue by 1pm EST.

Dear Windows Mobile 6.x customer:

Microsoft is discontinuing the Windows Marketplace for Mobile service for Windows Mobile 6.x. Please review the details below to familiarize yourself with the changes:

Windows Mobile 6.x Marketplace Service To Be Discontinued

Beginning May 9, 2012, the Windows Mobile 6.x Marketplace service will no longer be available. Starting on this date, you will no longer be able to browse, buy or download applications directly on your Windows Mobile 6.x phone using the Windows Mobile 6.x Marketplace application and service.

Summary:

• This vulnerability affects: OS X 10.7.x (Lion) and 10.6.x (Snow Leopard)
• How an attacker exploits it: By enticing you to a website containing maliciously crafted Java
• Impact: In the worst case, an attacker executes code on your user’s computer, with that user’s privileges
• What to do: Install Java for OS X Lion 2012-001 or Java for OS X 10.6 Update 7 immediately, or let Apple’s updater do it for you.