Oracle Releases Java Security Updates, (Thu, Aug 30th)
A short while ago, Oracle released updates for both Java 6 and Java 7 in response to the critical 0-Day vulnerabilities discussed earlier this week, as well as two other security issues. US-CERThas...
View ArticleISC StormCast for Friday, August 31st 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleVMware Updates, (Fri, Aug 31st)
VMware released one new security advisory, and updated 2 older once. New: VMSA-2012-0013 [1] The update affects vCenter (and Update Manager)4.1 without Update 3, as well as ESX/ESXi. It patches a...
View ArticleNot so fast: Java 7 Update 7 critical vulnerability discovered in less than...
Polish security firm Security Explorations has sent an advisory, with a proof-of-concept exploit, to Oracle today (Friday 31 AUG) specific to a vulnerability they discovered in the Java 7 security...
View ArticleBlackhole targeting Java vulnerability via fake Microsoft Services Agreement...
Thanks to Susan Bradley for reporting this to ISC. We're receiving multiple reports of a phishing campaign using the template from a legitimate Microsoft email regarding Important Changes to Microsoft...
View ArticleAuditing a Network for VOIP Call Quality Metrics, (Wed, Sep 5th)
What I'm seeing in the security field is a focus on vulnerabilties and exploits, in short - the cool stuff. And in real life, we see a much stronger focus on operations and cost. But what we rarely see...
View ArticleISC StormCast for Thursday, September 6th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleSSL Requests sent to port 80 (request for help/input), (Thu, Sep 6th)
A while ago, a reader submitted some odd looking web log entries like the following: default 10.5.0.48 - - [06/Sep/2012:23:11:36 +0000] \x16\x03 200 15 - - default 10.5.0.48 - - [06/Sep/2012:23:12:26...
View ArticleISC StormCast for Friday, September 7th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleKeeping an eye on those BYODs with DHCP, (Fri, Sep 7th)
A plethora of technologies, bespoke systems and acronyms offer management offer protection against unauthorised devices being connected to networks, but money, time, effort and management backing is...
View ArticleWebmin Input Validation Vulnerabilities, (Sat, Sep 8th)
If you are using Webmin within your network to administer Unix services, you should consider upgrading to the latest version 1.594 because an input validation vulnerabilities has been reported in...
View ArticlePhishing/Spam Pretending to be from BBB, (Sun, Sep 9th)
We received another piece of spam (thanks Curtis) pretending to be from the Better Business Bureau. Analysis of the file transferred (W6w8sCyj.exe) from prog.it appears to be a piece of malware...
View ArticleISC StormCast for Monday, September 10th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleMicrosoft Patch Tuesday Pre-Release, (Mon, Sep 10th)
We only expect two bulletins from Microsoft tomorrow [1]. Both bulletins are rated important. The first one affectsMicrosoft Visual Studio Team Foundation Server 2010 Service Pack 1, and the second one...
View ArticleBlue Toad publishing co compromise lead to UDID release....
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleGodaddy DDoS Attack, (Mon, Sep 10th)
Update: GoDaddy appears to make some progress getting services back online. The web site is responding again. DNS queries appear to be still timing out and logins into the site fail. (17:30 ET) GoDaddy...
View ArticleISC StormCast for Tuesday, September 11th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleMicrosoft September 2012 Black Tuesday Update - Overview, (Tue, Sep 11th)
Overview of the September 2012 Microsoft patches and their status. # Affected Contra Indications - KB Known Exploits Microsoft rating(**) ISC rating(*) clients servers MS12-061 XSS in Visual Studio...
View ArticleISC StormCast for Wednesday, September 12th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleSeptember 2012 OUCH! - Hacked: Now What?...
Post suggestions or comments in the section below or send us any questions or comments in the contact form on https://isc.sans.edu/contact.html#contact-form -- Adam Swanger, Web Developer (GWEB, GWAPT)...
View Article