What's important on your network?, (Sun, Nov 4th)
Often when you ask someone what is important on their network, they will say Everything. But that cannot be the case. You have to determine your High Value Targets first. A High Value Target is a...
View ArticleISC StormCast for Monday, November 5th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleReminder: Ongoing SMTP Brute Forcing Attacks, (Mon, Nov 5th)
Our reader (and podcast listener) Pete wrote in with a little SMTP log snippet: 2012-11-04 22:37:36 courier_login authenticator failed for 153.red-2-139-216.staticip.rima-tde.net ([192.168.2.33])...
View ArticlePossible Fake-AV Ads from Doubleclick Servers, (Mon, Nov 5th)
Reader James ran into a Fake AV ad delivered by Double click. It is not clear if this is the result of a compromise of double click, or a paid ad that slipped through doubleclicks content review...
View ArticleISC StormCast for Tuesday, November 6th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleWhat to watch out For on Election Day, (Tue, Nov 6th)
Today (Tuesday) is election day in the US. Many voters have already cast their ballot via absentee and early voting, but the vast majority will vote today. Like any major event, this is likely going...
View ArticleISC StormCast for Wednesday, November 7th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleMultiple 0-Days Reported! , (Wed, Nov 7th)
Im getting really good feedback on our bug hunt. Ive had a couple of people report interesting vulnerabilities to ISC or me directly that they have discovered using the technique outline on the ISC...
View ArticleCisco TACACS+ Authentication Bypass, (Wed, Nov 7th)
Cisco has released a patch that addresses a TACACS+ Authentication Bypass vulnerability. Exploitation is likely very easy. If you are using Cisco ACS for authentication you should probably take note...
View ArticleGet a 40% discount on your hotel room!, (Thu, Nov 8th)
Heres a novel (to me) phishing approach. Cal, one of our readers, was staying at a hotel in Arizona on business, and he got a call to his room from the - alleged - front desk. They were saying that...
View ArticleISC StormCast for Thursday, November 8th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleHelp eliminate unquoted path vulnerabilities, (Wed, Nov 7th)
Metasploits Service Trusted Path Privilege Escalation exploit takes advantage of unquoted service paths vulnerability outline in CVE-2005-1185, CVE=2005-2938 and CVE-2000-1128. The vulnerability takes...
View ArticleAdobe Patches, (Thu, Nov 8th)
Rumor has it that there is an Adobe Reader (PDF) zero-day. Google Group IB zero day, and youll find all the news outlets quoting each other. We dont have a sample PDF yet. If you have one, please...
View ArticleFresh batch of Microsoft patches next week , (Fri, Nov 9th)
Next week Microsoft will release 6 new security bullitins. Of the six bulletins, five of them are critical and allow for remote execution of code. The pre-notification information indicates that the...
View ArticleRemote Diagnostics with PSR, (Fri, Nov 9th)
Have you ever been in this situation? Someone calls you for help and tries to explain their problem. They do such a poor job of explaining what they are seeing that you arent even sure what OS they...
View ArticleISC StormCast for Friday, November 9th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC StormCast for Monday, November 12th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleRequest for info: Robocall Phishing Against Local/Regional Banks, (Mon, Nov...
Last week, my wife got an automated call from a bank with only a local presence that her debit card was deactivated. The call went to her cell phone. She wasnt a customer of that bank so it was easy...
View ArticleISC StormCast for Tuesday, November 13th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleMicrosoft November 2012 Black Tuesday Update - Overview, (Tue, Nov 13th)
NOTE: Several of these patches apply to Windows 8 and Windows RT that were just released last month. Overview of the November 2012 Microsoft patches and their status. # Affected Contra Indications -...
View Article