A trip through the spam filters: more malspam with zip attachments...
Introduction I was discussing malicious spam (malspam) with a fellow security professional earlier this week. He was examining malspam with zip attachments containing .js files. This is something I've...
ISC Stormcast For Friday, February 5th 2016...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
More updates to kippo-log2db, (Sat, Feb 6th)
It has been a while, but I finally got around to fixing a bug in my script for putting kippo text logs into a kippo-formatted MySQL database. In this case, it was a bug that caused the sensor column in...
DDOS is down, but still a concern for ISPs, (Sun, Feb 7th)
For many reasons, most ISPs are finding that service-affecting DDOSes, which were a common occurrence as little as a year ago, are rare in the latter half of 2015 and so far in 2016. Hopefully the arrest...
ISC Stormcast For Monday, February 8th 2016...
More Malicious JavaScript Obfuscation, (Sun, Feb 7th)
Yesterday, I found an interesting phishing email. Nothing fancy or exotic about the content, just a classic email notification pretending to be sent by PayPal and asking the victim to urgently review...
ISC Stormcast For Tuesday, February 9th 2016...
Out-of-Order Java Update, (Tue, Feb 9th)
Oracle released an emergency update for Java [1]. The nature of the flaw, and how the update fixes the flaw, is somewhat obscured. According to Oracle's advisory, the user would first have to install...
Microsoft February 2016 Patch Tuesday, (Tue, Feb 9th)
Overview of the February 2016 Microsoft patches and their status. # Affected Contra Indications - KB Known Exploits Microsoft rating(**) ISC rating(*) clients servers MS16-009 Cumulative Security...
Adobe Patch Tuesday - February 2016, (Tue, Feb 9th)
APSB16-03: Adobe Photoshop CC and Bridge CC 3 critical vulnerabilities that could lead to code execution with a priority rating of 3 (low): CVE-2016-0951, CVE-2016-0952, CVE-2016-0953. You may have to...
ISC Stormcast For Wednesday, February 10th 2016...
Beta Testers Wanted: Use a Raspberry Pi as a DShield Sensor, (Wed, Feb 10th)
I am currently working on an easy way to turn a Raspberry Pi into a DShield sensor. If you would like to, you can try the current beta version of the software. Feedback is very much appreciated. To get...
Tomcat IR with XOR.DDoS, (Thu, Feb 11th)
Apache Tomcat is a Java-based web service that is used for different applications. While you may have it running in your environment, you may not be familiar with its workings to provide adequate...
ISC Stormcast For Thursday, February 11th 2016...
Critical Cisco ASA IKEv1/v2 Vulnerability. Active Scanning Detected, (Wed,...
Cisco released an advisory revealing a critical vulnerability in Cisco's ASA software. Devices are vulnerable if they are configured to terminate IKEv1 or IKEv2 VPN sessions. (CVE-2016-1287) [Update]...
ISC Stormcast For Friday, February 12th 2016...
VMware VMSA-2015-0007.3 has been Re-released, (Sat, Feb 13th)
VMware has re-issued VMSA-2015-0007.3 today after they found an earlier fix for CVE-2016-2342 was incomplete. Affected ESXi versions are: 5.0, 5.1 and 5.5. Advisory can be found here. [1]...
ISC Stormcast For Tuesday, February 9th 2016...
ISC Stormcast For Monday, February 15th 2016...
More Multi-Architecture IoT Malware, (Mon, Feb 15th)
Attackers have problems too: Attacks against Internet of Things (IoT) devices are simple (as in log in...), but the attacker never knows what kind of architecture they may hit. IoT devices often go...