Dr. Bill.TV #419 – Video – “The Sad, Sorry (Sideways) Security Edition!”

Cryptocurrency miners infect Dr. Bill’s PC, Dr. Bill orders a Google Pixel 2 XL, Star Wars: The Last Jedi trailer, Nintendo NES Classic, Amazon’s waterproof Kindle, Severe flaw in WPA2, PIA VPN, Google adds antivirus to Chrome, Securi Firewall hacked.

Links that pertain to this Netcast:

TechPodcasts Network

International Association of Internet Broadcasters

Blubrry Network

Dr. Bill Bailey.NET

ChuckieDaniel.com and The Lifetrain Internet Radio Station

WOFR.org – Word of Faith Internet Radio


Start the Video Netcast in the Blubrry Video Player above by
clicking on the “Play” Button in the center of the screen.

(Click on the buttons below to Stream the Netcast in your “format of choice”)
Streaming M4V Audio





Streaming MP3 Audio

Streaming Ogg Audio

Download M4V Download WebM Download MP3 Download Ogg
(Right-Click on any link above, and select “Save As…” to save the Netcast on your PC.)

You may also watch the Dr. Bill.TV Show on these services!

 

Dr. Bill.TV on YouTube Dr. Bill.TV on Vimeo

 


Dr. Bill.TV #419 – Audio – “The Sad, Sorry (Sideways) Security Edition!”

Cryptocurrency miners infect Dr. Bill’s PC, Dr. Bill orders a Google Pixel 2 XL, Star Wars: The Last Jedi trailer, Nintendo NES Classic, Amazon’s waterproof Kindle, Severe flaw in WPA2, PIA VPN, Google adds antivirus to Chrome, Securi Firewall hacked.

Links that pertain to this Netcast:

TechPodcasts Network

International Association of Internet Broadcasters

Blubrry Network

Dr. Bill Bailey.NET

ChuckieDaniel.com and The Lifetrain Internet Radio Station

WOFR.org – Word of Faith Internet Radio


Start the Video Netcast in the Blubrry Video Player above by
clicking on the “Play” Button in the center of the screen.

(Click on the buttons below to Stream the Netcast in your “format of choice”)
Streaming M4V Audio





Streaming MP3 Audio

Streaming Ogg Audio

Download M4V Download WebM Download MP3 Download Ogg
(Right-Click on any link above, and select “Save As…” to save the Netcast on your PC.)

You may also watch the Dr. Bill.TV Show on these services!

 

Dr. Bill.TV on YouTube Dr. Bill.TV on Vimeo

 


GoDaddy Securi Web Firewall Hacked!

Man! I use Securi on my sites too! Ack!

This bug let a researcher bypass GoDaddy’s site security tool

ZDNet – By: Zack Whittaker – “A widely used security tool owned by web hosting provider GoDaddy, designed to prevent websites from being hacked, was easily bypassed, putting websites at risk of data theft.

The company’s website application firewall (WAF), provided by Sucuri and acquired by GoDaddy earlier this year, protects websites against a range of attacks by adding an extra layer of security to a website to protect against cross-site scripting and SQL injection techniques.

But a security researcher told ZDNet that the firewall would let through some commands, allowing him to gain access to vulnerable databases behind the scenes. That, he said, put sites at risk of data theft.

Touseef Gul was able to bypass the firewall with a relatively simple SQL injection string, which he showed to ZDNet but we’re not publishing. SQL injection attacks can be launched from the web browser’s address bar. If the attack is successful it will display a list of database tables on the website itself. Where he was expecting to receive an ‘access denied’ message, the firewall let the command through and returned a list of tables from the target website’s database. He was also able to obtain the database’s admin account and MD5 hashed password, which nowadays is easily crackable.

What surprised the researcher, he said, was how easy the firewall was to bypass.

He gave an example of part of the code he used. He said that while the firewall would block a common command used in SQL injections, such as ‘UNION SELECT,’ a modified, encoded version of the same command — such as ‘UNION SELE%63T’ (where %63 is an encoded ‘C’) — was not blocked by the filter.

For its part, GoDaddy said it patched the bug within a day of the security researcher’s private disclosure to the company.

‘In reviewing this situation, it appears someone was able to find a vulnerable website and manipulate their requests to temporarily bypass our WAF,’ said Daniel Cid, GoDaddy’s vice-president of engineering.

‘Within less than a day, our systems were able to pick up this attempt and put a stop to it,’ he said.

Cid said the company is ‘not aware of other customers’ impacted by the bypass, but wouldn’t say how many websites were at risk of the bypass technique.

Lesley Carhart, a digital forensics and incident response specialist, explained that web application firewalls mimic the behavior of antivirus products rather than a traditional firewall.

‘In a lot of ways web attacks are way harder to firewall than traffic in and out of a network,’ said Carhart. ‘You can deny almost everything at a network firewall or host firewall.’

‘Web traffic filtering relies more on blacklisting bad stuff using signatures than whitelisting slews of unneeded ports and protocols like traditional firewalls,’ she added.

Web application firewalls block attacks on sites running web applications that are already vulnerable to attacks, like out-of-date content management systems, like WordPress or Joomla, she explained.”

‘In principle, it’s a great move to add another layer of defense to sites, but it should never be mistaken for or implied to be a replacement for secure coding,’ she said.”

Google Further Secures Chrome on Windows!

This is GREAT NEWS!

Google just added these antivirus features to Chrome for Windows

ZDNet – By: Liam Tung – “Google has introduced three changes to Chrome for Windows to improve the browser’s malware detection and removal capabilities.

The company is targeting malware and malicious extensions that modify search results to redirect users to unintended pages, inject ads, and lock users on ad-filled sites.

The new security features for Chrome on Windows are an addition to existing defenses, such as Safe Browsing warnings for pages known to deliver malware.

Google is now clamping down on Chrome extensions that change user settings, such as the default search engine. The browser will automatically detect when an unauthorized change is made and offers to restore the original settings.

It has also redesigned Chrome’s Cleanup feature which offers a shortcut to restoring the browser’s default settings after an infection. It shows an alert when the browser detects unwanted software and offers a way to remove it. Chrome users have previously been able to use the standalone Chrome Cleanup Tool to remove harmful software. Google says it redesigned the alerts to make it easier to see what software will be removed.

Chrome Cleanup has also gained a malware detection engine from antivirus firm ESET, which works in tandem with Chrome’s sandbox technology.

This integration of the new ‘sandboxed engine’ doesn’t replace antivirus on Windows as it only targets and removes software that violates Google’s unwanted software policy. However the policy covers a variety of bad behaviors, from deceptive installs to spyware. It also mean that Chrome can detect and remove more unwanted software than previously.

Google estimates the new security features will help ‘tens of millions’ of Chrome users clear up security problems in the next few days.”