ISC StormCast for Friday, December 30th 2011...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleWi-Fi Protected Setup (WPS) PIN Brute Force Vulnerability, (Fri, Dec 30th)
Wi-Fi Protected Setup (WPS)is a Wi-Fi Alliance specification (v1.0 - available since January 2007)designed to ease the process of securely setup Wi-Fi devices and networks. Acouple of days ago...
View ArticleBye 2011, Hello 2012, what will you have in store for us?, (Sat, Dec 31st)
With the last day of the year well and truly on the way in most parts of the world and almost finished in my part of the world it is probably a nice time to reflect a little bit on the year that was....
View ArticleLilupophilupop tops 1million infected pages, (Sat, Dec 31st)
Earlier in the month we published an article regarding the lilupophilupop.com SQL injection attacks (http://isc.sans.edu/diary.html?storyid=12127). being a month onwards I though it might be a good...
View Articlenmap 5.61TEST4 released, (Tue, Jan 3rd)
For those of you following the development stream of nmap, an interesting release today. nmap 5.61TEST4 has a number of interesting features. a spidering library and associated scripts for crawling...
View ArticleAnalysis of the Stratfor Password List, (Tue, Jan 3rd)
As reported at the isc.sans.edu on Christmas Day by Deb Hale, Stratfor had personal data of its customers compromised, including a list of 860,000 passwords hashes. Today Steve Ragan over at...
View ArticleThe tale of obfuscated JavaScript continues, (Tue, Jan 3rd)
What better way to start a new year than with some JavaScript deobfuscation! Couple of weeks ago, one of our readers, Rick, found a compromised server with an interesting addon planted by the attacker....
View ArticleISC StormCast for Wednesday, January 4th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC Feature of the Week: How to Submit Firewall Logs, (Tue, Jan 3rd)
Each week, usually on Tuesday, we are going to highlight an ISC/DShield site feature so all our users become more aware of all the great functionality that is available! This week's ISC/DShield feature...
View ArticleOpenSSL vulnerability fixes, (Thu, Jan 5th)
OpenSSL has addressed six vulnerabilities in OpenSSL 1.0.0f and 0.9.8s. CVEs include: DTLS Plaintext Recovery Attack (CVE-2011-4108) Double-free in Policy Checks (CVE-2011-4109) Uninitialized SSL 3.0...
View ArticleWordPress 3.3.1 fixes 15 issues with WordPress 3.3 including XSS. Download...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC StormCast for Thursday, January 5th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleJanuary 2012 Patch Tuesday Pre-release, (Fri, Jan 6th)
It is a brand new year and this upcoming Tuesday Microsoft is releasing seven bulletins ranging from Important (6) to critical (1) affecting all Windows OS. Detailed information can be found in the...
View ArticleNew Version of tcpflow Available in Beta, (Fri, Jan 6th)
If you are avid users of tcpflow, Simson Garfinkel has just released a public beta of tcpflow which contains significant changes. If you want to participate in the beta testing, the tool is available...
View ArticleISC StormCast for Friday, January 6th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleGoogle Chrome Updated , (Sat, Jan 7th)
For those who weren't watching on Thursday, Google released a new revision of Chrome. There were a small number of high severity security issues which were corrected in version 16.0.912.75. More...
View ArticleUpdated OpenDLP, (Sat, Jan 7th)
Many of our readers use Data Loss Prevention products as a mechanism to identify sensitive data-at-rest on workstations, servers, databases and similar. Earlier today, I stumbled across an open source...
View ArticleISC StormCast for Monday, January 9th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleMS11-100 DoS PoC exploit published, (Mon, Jan 9th)
If you have not patched yet for vulnerability MS11-100 you might want to do it ASAP, because the DoS PoC exploit for this vulnerability has been published two days ago. More information about the...
View ArticleISC StormCast for Tuesday, January 10th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View Article