Clik here to view.
Port 0 DDOS, (Fri, Nov 22nd)
Following on the stories of amplification DDOS attacks using Chargen, and stories of "booters" via Brian Kreb's, I am watching with interest the increase in port 0 amplification DDOS attacks....
View ArticleISC StormCast for Monday, November 25th 2013...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleMore Bad Port 0 Traffic, (Mon, Nov 25th)
Thanks to an alert reader for sending us a few odd packets with "port 0" traffic. In this case, we got full packet captures, and the packets just don't make sense. The TTL of the packet changes with...
View ArticleISC StormCast for Tuesday, November 26th 2013...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC StormCast for Wednesday, November 27th 2013...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
ATM Traffic + TCPDump + Video = Good or Evil?, (Wed, Nov 27th)
I was working with a client recently, working through the move of a Credit Union branch. In passing, he mentioned that they were looking at a new security camera setup, and the vendor had mentioned...
View ArticleApache 2.4.7 is released 11/25. Download:...
=============== Rob VandenBrink Metaforehttp://httpd.apache.org/download.cgi#apache24 (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States...
View ArticleMicrosoft Security Advisory (2914486): Vulnerability in Microsoft Windows...
Fireeye posted a story earlier today outlining a zero day affecting XP and Windows 2003:...
View ArticleMS Exchange update, includes failed backup fix:...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleA review of Tubes, A Journey to the Center of the Internet, (Sat, Nov 30th)
While not immediately or obviously related to information security, I was so profoundly affected by my recent read of Andrew Blum's (@ajblum) Tubes, A Journey to the Center of the Internet, I believe...
View ArticleClik here to view.
Google having a hiccup in Colombia, (Sat, Nov 30th)
Today google is having a hiccup in Colombia. Users accessing www.google.com are having the following result: That looked weird. I was wondering if it was some kind of DNS spoofing attack, but it's...
View ArticleBPF, PCAP, Binary, hex, why they matter?, (Sun, Dec 1st)
*A call for more blue defenders* In a couple weeks I will be a TA for Mr. Mike Poor in DC at CDI (Shameless plug, if you are a reader and see me in DC say so!!!) for SANS 503. We often get asked, why...
View ArticleISC StormCast for Monday, December 2nd 2013...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleReports of higher than normal SSH Attacks - UPDATE, (Mon, Dec 2nd)
UPDATE: Thank you to all who reported! Reports are that SSH based attacks are increasing. We will continue to monitor! --- We have a report of a much greater than the normal noise of SSH based...
View ArticleISC StormCast for Tuesday, December 3rd 2013...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
Even in the Quietest Moments ..., (Tue, Dec 3rd)
I recently had a migration from one internet uplink to another to do for a client. As with many organizations, they have about 40% of their workforce at head office, and 60% (and sometimes more) of...
View ArticleISC StormCast for Wednesday, December 4th 2013...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleVMware Security Advisory VMSA-2013-0014, (Wed, Dec 4th)
VMware have released security advisory VMSA-2013-0014 "VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation" . It has been assigned CVE-2013-3519. Let's be careful out...
View ArticleISC StormCast for Thursday, December 5th 2013...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleUpdated Standards Part 1 - ISO 27001, (Thu, Dec 5th)
ISO 27001:2013 - Information Security Management Systems was released in September and slipped into use relatively quietly. The standard replaces ISO27001:2005. Whilst the overall intent of the...
View Article