ISC StormCast for Tuesday, June 19th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Vulnerabilityqueerprocessbrittleness, (Tue, Jun 19th)
No, I didn't make that title up. Someone else did. vulnerabilityqueerprocessbrittleness . in is currently one of 600+ domains that link to a quite prevalent Fake Anti-virus malware campaign. Currently,...
Firefox 13.0.1 Update, (Wed, Jun 20th)
A new version of Firefox, 13.0.1, was released today. Although the official release notes say that various security issues have been fixed in this version, by looking at the official security...
ISC StormCast for Wednesday, June 20th 2012...
CVE-2012-0217 (from MS12-042) applies to other environments too, (Wed, Jun 20th)
A week ago we covered MS12-042 (Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2711167)) on the monthly Microsoft patch update cycle. This Microsoft advisory includes two...
ISC StormCast for Thursday, June 21st 2012...
Cisco Security Advisories 20 JUN 2012, (Thu, Jun 21st)
Cisco issued three security advisories today, 20 JUN 2012; two are new, one is an update. NEW: Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module...
Print Bomb? (Take 2), (Thu, Jun 21st)
A week ago we mentioned a print bomb malware specimen doing the rounds, with a gradually improving AV detection ratio. However, we are receiving reports (Thanks Conor!) with variants of what looks like the...
ISC Feature of the Week: Tools->ISC At-A-Glance, (Fri, Jun 22nd)
Overview This week features some more tools that will be helpful to skim daily. They are linked at https://isc.sans.edu/tools/#at-a-glance. We have some pages set up with a variety of information...
Investigator's Tool-kit: Timeline, (Fri, Jun 22nd)
This initially started off as a diary entry about creating final reports during the Lessons Learned phase of incident response, but I kept referring back to the timeline and realized that it needed an...
Updated Poll: Which Patch Delivery Schedule Works the Best for You?, (Fri,...
In May I created a poll to sample our readers' preferences concerning the delivery of patches from their vendors. Do you prefer the predictable delivery of a batch of security advisories and patches?...
Run, Forest!, (Fri, Jun 22nd)
Yeah, I know, I probably get the prize for the ISC Diaries with the weirdest titles lately. Blame it on the bad guys, who are showing more creativity in naming their malware than I ever would be able...
nmap 6.01 released - http://nmap.org/download.html, (Sun, Jun 24th)
-- Rick Wanner - rwanner at isc dot sans dot org - http://namedeplume.blogspot.com/ - Twitter: namedeplume
ISC StormCast for Monday, June 25th 2012...
Targeted Malware for Industrial Espionage?, (Mon, Jun 25th)
A number of sites have published an analysis of relatively new malware, ACAD/Medre.A. While we have had some highly specialized malware in recent years like Stuxnet, which targeted Iranian nuclear...
Issues with Windows Update Agent, (Mon, Jun 25th)
Microsoft has released an Important update to the Windows Update function (Windows Update Agent 7.6.7600.256) because users have been experiencing update issues. Some users experience failed...
Belgian online banking customers hacked., (Mon, Jun 25th)
According to this newspaper article (in Dutch), the Belgian government has arrested 2 Russian and 2 Polish nationals -legally in the country- in connection to stealing 3 million EURO through hacking...
Using JSDetox to Analyze and Deobfuscate Javascript, (Mon, Jun 25th)
Last week Daniel published the diary Run, Forest! If you are using Snort IDS and running some of the Blackhole signatures from Emerging Threats, you most likely noticed they trigger on Blackhole...
ISC StormCast for Tuesday, June 26th 2012...
Run, Forest! (Update), (Tue, Jun 26th)
Thanks to ISC readers Yin, Doug, Lorenzo, Ron, Jan and Placebo for contributing their data to the ongoing analysis of Run, Forest! (JS.Runfore) after our earlier SANS ISC diary last week. Here's what...