Quantcast
Channel: SANS Internet Storm Center, InfoCON: green
Browsing all 8326 articles
Browse latest View live
↧

Craigslist Outage, (Mon, Nov 24th)

:0
:0
November 23, 2014, 8:49 pm

We were notified this evening by Matt H. that Craigslist is suffering an outage of some sort. Briefly checking the sitefrom the west coast I am finding web access basically unavailable, and access via...

View Article
Search

Someone is using this? PoS: Compressor, (Mon, Nov 24th)

:0
:0
November 24, 2014, 6:44 am

Hello Dear Readers, This diary comes to you by way of the real world and was taken very recently. Has anyone seen anything like this before? This handler was stunned into silence before the years of...

View Article

ISC StormCast for Tuesday, November 25th 2014...

:0
:0
November 24, 2014, 7:46 pm

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

View Article
Image may be NSFW.
Clik here to view.

Guest diary: Detecting Suspicious Devices On-The-Fly, (Tue, Nov 25th)

:0
:0
November 25, 2014, 12:27 pm

If you apply classic hardening rules (keep the patch level, use an AV, enable the firewall and use them with due diligence), modern operating systems are more and more difficult to compromise today....

View Article

Security update for Adobe Flash player, (Tue, Nov 25th)

:0
:0
November 25, 2014, 1:17 pm

Adobe has released an out of band security update for the Adobe Flash player. This is an additional update for CVE-2014-8439. Everyone either update or double check that Flash either is not installed...

View Article

Less is, umm, less?, (Tue, Nov 25th)

:0
:0
November 25, 2014, 1:31 pm

Following vulnerabilities discovered in tools many Linux and Information Security enthusiasts use such as the strings command and the bash shell, a new series of issues have been discovered in the less...

View Article

ISC StormCast for Wednesday, November 26th 2014...

:0
:0
November 25, 2014, 7:37 pm

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

View Article

Syrian Electronic Army attack leads to malvertising, (Thu, Nov 27th)

:0
:0
November 27, 2014, 12:33 pm

A number of online services were impacted by what has been referred to by multiple sources as a redirection attack by Syrian Electronic Army (SEA) emanating from the Gigya CDN. The issue was described...

View Article
Search

Lots of Black Friday SPAM & Phishing, (Fri, Nov 28th)

:0
:0
November 28, 2014, 3:20 pm

Likely every reader out there, their friends and family, even their pets with email accounts, have received Black Friday SPAM or phishing attempts today. Our own Dr. J sent the handlers an Amazon...

View Article

Do you have a Data Breach Response Plan?, (Mon, Dec 1st)

:0
:0
November 30, 2014, 4:12 pm

The Ponemon Institute conducted and released a paper in September on its second annual study on data breaches. Some of the data collected shows interesting results. Based on their survey, 68% of...

View Article

ISC StormCast for Monday, December 1st 2014...

:0
:0
November 30, 2014, 6:37 pm

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

View Article

Flushing out the Crypto Rats - Finding "Bad Encryption" on your Network,...

:0
:0
December 1, 2014, 6:45 am

Just when folks get around to implementing SSL, we need to retire SSL! Not a week goes buy that a client isnt asking me about SSL (or more usually TLS) vulnerabilities or finding issues on their...

View Article

Dridex Phishing Campaign uses Malicious Word Documents, (Mon, Dec 1st)

:0
:0
December 1, 2014, 9:48 am

This is a guest diary submitted by Brad Duncan. During the past few months, Botnet-based campaigns have sent waves of phishing emails associated with Dridex. Today, well examine a wave that occurred...

View Article

ISC StormCast for Tuesday, December 2nd 2014...

:0
:0
December 1, 2014, 5:54 pm

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

View Article

We will be performing some extensive updates to our backend today. Sorry for...

:0
:0
December 2, 2014, 5:50 am

--- Johannes B. Ullrich, Ph.D. STI|Twitter|LinkedIn (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

View Article
Search

Does Your Vulnerability Scanner Speak Portuguese?, (Tue, Dec 2nd)

:0
:0
December 2, 2014, 10:39 am

Rodrigo Montoro and Joaquim Espinharadid an interesting test, and like so many interesting tests, it is actually pretty obvious in hindsight: They looked at different vulnerability scanners, and...

View Article

OpenVPN server DoS vulnerability fixed, (Tue, Dec 2nd)

:0
:0
December 2, 2014, 4:09 pm

The OpenVPN folks released a security advisory and updates to its server software yesterday for a vulnerability that has existed in the source code since 2005. CVE-2014-8104 is a vulnerability that can...

View Article

ISC StormCast for Wednesday, December 3rd 2014...

:0
:0
December 2, 2014, 7:32 pm

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

View Article

ISC StormCast for Thursday, December 4th 2014...

:0
:0
December 3, 2014, 5:50 pm

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

View Article

Automating Incident data collection with Python, (Thu, Dec 4th)

:0
:0
December 3, 2014, 6:49 pm

One of my favorite Python modules isImpacketby the guys at Core Labs. Among other things it allows me to create Python scripts that can speak to Windows computers over SMB. I can use it to map network...

View Article
Browsing all 8326 articles
Browse latest View live
Search