Sysadmins Alert: Bash Vulnerability Allows Remote Code Execution!

Breaking news on a critical bash vulnerability allowing remote code execution. Details available here:

Massive Security Flaw — Heartbleed Bug — Vulnerability in OpenSSL

A security vulnerability of epic proportions has been discovered! It affects many web servers and end-user software products, so millions of users have been exposed to security risk from this bug.

Don’t panic! The existence of this vulnerability, despite its severity, does not mean your personal security has been compromised. What it does mean is that users need to take steps to reduce their ongoing risk from this bug.

The bug has reportedly existed for years, but the breaking news will undoubtedly prompt more malicious parties to exploit Heartbleed.

Users! Wallowa Valley Networks urges you to take steps to repair the damage caused by this vulnerability. In the coming days and weeks, major software manufacturers will release patches to fix the vulnerability in their software.

Update your software.

Change your passwords.

And move forward.

More Information on Heartbleed

Apple ‘goto fail’ Security Vulnerability

It was made public last week that a serious flaw in Mac OS X Maverick, Mac OS X Mountain Lion, and iOS rendered users’ internet traffic insecure.

The bugs have now been fixed in the latest versions of Mac OS X Maverick, Mac OS X Mountain Lion, and iOS, but users who have not updated to these versions will still be vulnerable. Users of these operating systems should update them as soon as possible.


You can test your Apple OS to see if you are vulnerable to ‘goto fail’ at this website:


Here are some articles with more information on the ‘goto fail’ bug:


“The Moon” Worm Infecting Linksys Routers

Linksys E-Series routers are currently vulnerable to infection by malicious software hop over to this site.

Here is an article with more info:

Moon Worm Spreading on Linksys Home and SMB Routers

Following Password Theft, Facebook, Google, Others Reset User Passwords

Yet another big security breach. Consider changing your passwords to important services regularly, and avoid reusing passwords on multiple sites.

More information on the recent rash of password theft:

iPhone users, beware of public charging stations!

According to this article, hacked chargers can install trojans on your iPhone:

Security experts urge users to disable Java (not Javascript) in web browsers.

As of today, there is still no fix for the recently discovered Java vulnerability. This software flaw could allow others to compromise your computer security.

The best way to protect yourself is to disable Java in your web browsers.  Here are instructions on disabling Java.

And here is some more information on the Java exploit.

Ransomware scams on the rise!

Ransomware is a type of virus that pops up messages on your screen threatening to cause harm to your system unless you pay. They often claim to be from organizations like the FBI, but are actually scammers.

Don’t panic! And don’t pay! Even if the virus does have the potential to damage your system (often they are bluffing), paying the extortionists is no guarantee that they’ll leave you alone. If you pay them, you’re just funding their next round of malware schemes.

Ransomware programs can be removed either by antivirus software you run, or by a technician for much less money than the scammers are often demanding.

If your antivirus software is having trouble removing ransomware or other viruses, Wallowa Valley Networks can help. Our staff is very experienced at virus removal and system recovery.

Fear is the mind-killer.

This just in: “password” is still the worst password!

No significant problems due to DNSChanger.

Contrary to predictions of an ‘Internet Doomsday’ occurring today, we’ve seen no problems so far from the DNSChanger malware. Here is some background on DNSChanger.