SANS Internet Storm Center, InfoCON: green

↧

Microsoft Exchange/Sharepoint and others: Oracle Outside In Vulnerability,...

July 25, 2012, 7:29 am

Microosft published an unusual knowledge base article today, warning users of certain versions of Microsoft Exchange and Sharepoint server of a remote code execution vulnerability introduced by...

View Article

Apple OS X 10.8 (Mountain Lion) released, (Wed, Jul 25th)

July 25, 2012, 7:41 am

You probably saw by now that Apple unleashed Mountain Lion earlier today. If you are lucky to make it past the overloaded App store, you may already be installing it. But some of you may not be as...

View Article

Apple Releases Safari 6, (Wed, Jul 25th)

July 25, 2012, 8:31 am

Even if you don't plan to upgrade to Mountain Lion, as of today Safari 6 is available as an update for older versions of OS This new version includes numerous security fixes and improvements. For a...

View Article

ISC StormCast for Thursday, July 26th 2012...

July 25, 2012, 7:40 pm

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

View Article

ISC Feature of the Week: The 404Project - now with IP Mask, (Thu, Jul 26th)

July 26, 2012, 2:59 pm

Overview We've covered the 404 Project https://isc.sans.edu/404project/ in a previous feature https://isc.sans.edu/diary/ISC+Feature+of+the+Week+The+404Project/12415 and announced reports in...

View Article

ISC StormCast for Friday, July 27th 2012...

July 26, 2012, 8:33 pm

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

View Article

BIND 9 Security Updates, (Mon, Jul 30th)

July 30, 2012, 4:29 am

BIND has released 4 new versions that takes care of 2 security issues. They can be downloaded here. 9.6-esv-r7-p2 9.7.6-p2 9.8.3-p2 9.9.1-p2 New security bulletins CVE-2012-3868: High TCP Query Load...

View Article

End of Days for MS-CHAPv2, (Mon, Jul 30th)

July 30, 2012, 2:36 pm

Moxie Marlinspike and David Hulton gave a talk at Defcon 20 on a presentation on cracking MS-CHAPv2 with 100% success rate. This protocol is still very much in use with PPTP VPNs, and WPA2 Enterprise...

View Article

ISC StormCast for Tuesday, July 31st 2012...

July 30, 2012, 6:41 pm

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

View Article

ISC StormCast for Wednesday, August 1st 2012...

July 31, 2012, 6:31 pm

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

View Article

SQL injection, lilupophilupop-style, (Tue, Jul 31st)

August 1, 2012, 4:55 am

Update/Errata: I got all excited when I saw information_schema, hoping that this is finally something new. Turns out in my ignorance of SQL Server, I didn't realize that Microsoft SQL Server uses...

View Article

Google Chrome 21 and getUserMedia API, (Wed, Aug 1st)

August 1, 2012, 6:30 am

Google yesterday released Chrome 21, the latest version of Google's browser. In addition to the usual set of bug fixes (including some critical security patches), Chrome now joins Opera with support...

View Article

ISC StormCast for Thursday, August 2nd 2012...

August 1, 2012, 6:54 pm

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

View Article

Opera Security Update, (Thu, Aug 2nd)

August 2, 2012, 6:18 am

Opera released version 12.01 which contains some recommended security updates. Information regarding security and stability enhancements for the various version are available here: Windows changelog,...

View Article

Flash Player 11.3.300.270 for Windows released to address a crash -...

August 2, 2012, 5:08 pm

----------- Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

View Article

ISC StormCast for Friday, August 3rd 2012...

August 2, 2012, 6:06 pm

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

View Article

ISC Feature of the Week: Handler Select News Feed, (Sat, Aug 4th)

August 3, 2012, 9:49 pm

Overview This week's feature just went live so keep checking back as information is added and subscribe to the RSSto keep updated in your favorite reader! Introducing the Handler Select News feed at...

View Article

Vendors: More Patch-Release Options Please, (Sat, Aug 4th)

August 4, 2012, 11:55 am

I opened a couple of polls earlier this year that asked the same basic question: Which patch-release schedule do you prefer. (https://isc.sans.edu/diary.html?storyid=13531 and...

View Article

Phishing for Payroll with unpatched Java, (Sun, Aug 5th)

August 5, 2012, 8:28 am

Few things are as juicy for the bad guys as getting a key-logger onto the computer of someone who manages payroll. HR/payroll employees tend to haveaccess to personal data of staff and usually have...

View Article

ISC StormCast for Monday, August 6th 2012...

August 5, 2012, 6:42 pm

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

View Article