OpenSSL version 1.0.0l released, (Tue, Jan 7th)
Openssl project has announced a new realse of openssl 1.0.01 open source toolkit for SSl/TLS.The new release has fixed several bugs as the following : Major changes between OpenSSL 1.0.0k and OpenSSL...
View ArticleISC StormCast for Wednesday, January 8th 2014...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleIntercepted Email Attempts to Steal Payments, (Wed, Jan 8th)
A reader sent in details of a incident that is currently being investigated in their environment. (Thank you Peter for sharing! ) It appears to be a slick yet elaborate scam to divert a customer...
View ArticleISC StormCast for Thursday, January 9th 2014...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleIs XXE the new SQLi?, (Thu, Jan 9th)
Many modern applications today use XML documents to transfer data between clients and servers. Due to its simplicity, XML is actually great for this and is therefore very often used for representation...
View ArticleSecure Your Home Network with the January edition of the OUCH! Newsletter:...
Secure Your Home Network with the January edition of the OUCH! Newsletter: http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201401_en.pdf (c) SANS Internet Storm Center....
View ArticleMicrosoft Security Bulletin Advance Notification for January 2014...
------ Johannes B. Ullrich, Ph.D. SANS Technology Institute Twitter (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleSimple router backdoor/exposed admin check:...
------ Johannes B. Ullrich, Ph.D. SANS Technology Institute Twitter (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleMassive PHP RFI scans, (Thu, Jan 9th)
Today one of our readers, Yinette, sent in a pcap of a pretty massive PHP RFI scans. Yinette has been seeing this for quite some time and the number of requests sent by this (yet unknown) bot or...
View ArticleOracle announced critical patches for next Tuesday - patching 147 (!!!)...
-- Bojan INFIGO IS (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC StormCast for Friday, January 10th 2014...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
Windows Autorun-3, (Fri, Jan 10th)
In previous diaries I talked about some of the most common startup locations in windows environment. In this diary I will talk about some of the method to enumerate these values from registry...
View ArticleCisco Small Business Devices backdoor fix, (Fri, Jan 10th)
Cisco has released a new update fix to Cisco WAP4410N Wireless-N Access Point, Cisco WRVS4400N Wireless-N Gigabit Security Router, and the Cisco RVS4000 4-port Gigabit Security Router. The...
View ArticleAdobe joins the show on Tuesday too and announces patches for Adobe Reader...
-- Bojan INFIGO IS (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticlePHP 5.4.24 & 5.5.8 Released - http://www.php.net/downloads.php &...
----------- Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
tcpflow 1.4.4 and some of its most Interesting Features, (Sat, Jan 11th)
The latest version can of course reconstruct TCP flows but also has some interesting feature such as being able to carve files out of web traffic (zip, gif, jpg, css, etc) and reconstruct webpages....
View ArticleNotification Glitch - Multiple New Diary Notifications, (Sun, Jan 12th)
We have been notified that some of you have received repeated notifications being sent out regarding a recently-published diary. Notification has been turned off while we are investigating the issue....
View ArticleISC StormCast for Monday, January 13th 2014...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleGot an IPv6 Firewall?, (Mon, Jan 13th)
Just like the call "Winter is Coming" in Game of Thrones, we keep hearing IPv6 is coming to our networks spreading doom and gloom to our most priced assets. But just like the clothing worn by some of...
View ArticleSpecial Webcast today: HTML5, Risky Business or Hidden Security Toolchest?...
------ Johannes B. Ullrich, Ph.D. SANS Technology Institute Twitter (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View Article