ISC StormCast for Thursday, January 29th 2015...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleBlindly confirming XXE, (Thu, Jan 29th)
Almost exactly a year ago I posted a diary called Is XXE the new SQLi? you can read it at https://isc.sans.edu/diary/Is+XXE+the+new+SQLi/17375. In last year, the things have not changed a lot regarding...
View ArticleISC StormCast for Friday, January 30th 2015...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
Beware of Phishing and Spam Super Bowl Fans!, (Sat, Jan 31st)
Beware of Super Bowl spam that may come to your email inbox this weekend. The big game is Sunday and the spam and phishing emails are pouring in complete with helpful links - back-ended by malware...
View ArticleImproving SSL Warnings, (Sun, Feb 1st)
One of the things that has concerned mefor the last few years is how we are slowly creating a click-thru culture. " /> I honestly believe the intent is correct, but the implementation is faulty. The...
View ArticleAsset Inventory: Do you have yours?, (Sun, Feb 1st)
The year is hardly a month old and we have people racing around as if their hair is on fire, demanding to know if the GLibc vulnerability CVE-2015-0235 (aka GHOST) [1] affects them. Its a reasonable...
View ArticleISC StormCast for Monday, February 2nd 2015...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleNew Adobe Flash Vulnerability - CVE-2015-0313, (Mon, Feb 2nd)
For those of you who are loosing track, yet another Adobe Flash vulnerability has been unleashedon their unsuspecting users. I am sure we all know the wording off by heart now, but incase:...
View ArticleFriday Special Webcast: Lessons Learned from "Ghost"...
--- Johannes B. Ullrich, Ph.D. STI|Twitter|LinkedIn (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC StormCast for Tuesday, February 3rd 2015...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleWhat is using this library?, (Tue, Feb 3rd)
Last year with OpenSSL, and this year with the GHOST glibc vulnerability, the question came up about what piece of software is using what specific library. This is a particular challenging inventory...
View ArticleClik here to view.
Another Network Forensic Tool for the Toolbox - Dshell, (Tue, Feb 3rd)
This is a guest diary written byMr. William Glodek Chief, Network Security Branch, U.S. Army Research Laboratory As a network analysis practitioner, I analyze multiple gigabytes of pcap data across...
View ArticleISC StormCast for Wednesday, February 4th 2015...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleFebruary OUCH! Newsletter - Staying Secure on the Road:...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
Exploit Kit Evolution - Neutrino, (Wed, Feb 4th)
This is a guest diary submitted by Brad Duncan. In September 2014 after the Neutrino exploit kit (EK) had disappeared for 6 months, it reappeared in a different form. It was first identified as Job314...
View ArticleAdobe Flash Player Update Released, Fixing CVE 2015-0313, (Thu, Feb 5th)
An update has been released for Adobe Flash that fixes according to Adobe the recently discovered and exploited vulnerability CVE-2015-0313. Currently, the new version of Flash Player is only available...
View ArticleISC StormCast for Thursday, February 5th 2015...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleTomcat security: Why run an exploit if you can just log in?, (Thu, Feb 5th)
In our honeypots, we recently saw a spike of requests for http://[ip address]:8080/manager/html . These requests appear to target the Apache Tomcat server. In case you havent heard of Tomcat before...
View ArticleGNU Privacy Guard (gpg) needs your help. If you have a couple $$ to spare,...
--- Johannes B. Ullrich, Ph.D. STI|Twitter|LinkedIn (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC StormCast for Friday, February 6th 2015...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View Article