Adobe, Google and other Patch Tuesday patches, (Tue, Nov 12th)
Adobe Adobe published two advisories today: (Correction: APSB13-25 was released last month, and I have removed it from this diary. Instead, APSB13-27 was added below) APSB13-26: Security Updates for...
View ArticleNovember 2013 Microsoft Patch Tuesday, (Tue, Nov 12th)
Overview of the November 2013 Microsoft patches and their status. # Affected Contra Indications - KB Known Exploits Microsoft rating(**) ISC rating(*) clients servers MS13-088 Cumulative Security...
View ArticleClik here to view.
Google Drive Phishing, (Wed, Nov 13th)
In the past we have seen malware being delivered via Google Docs. You would receive an email stating that a document had been shared and when you clicked the link bad things would start to happen. In...
View ArticleSetting up Honeypots, (Wed, Nov 13th)
Most if not all of the handlers run honeypots, sinkholes, SPAM traps, etc in various locations around the planet. As many of you are aware they are a nice tool to see what is going on on the Internet...
View ArticleiOS 7.0.4 released. Fixes issue with unauthorized in App purchases...
------ Johannes B. Ullrich, Ph.D. SANS Technology Institute Twitter (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC StormCast for Friday, November 15th 2013...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleVMWare Security Advisory:...
------ Johannes B. Ullrich, Ph.D. SANS Technology Institute Twitter (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
Anatomy of a Malware distribution campaign, (Sun, Jan 19th)
Starting about 10 days or so ago, a Spam campaign began targeting Pacific Gas and Energy (PG&E), a large U.S. energy provider. PG&E has been aware of this campaign for about a week, and has...
View ArticleISC StormCast for Monday, January 20th 2014...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
You Can Run, but You Can't Hide (SSH and other open services), (Mon, Jan 20th)
In any study of internet traffic, you'll notice that one of the top activities of attackers is to mount port scans looking for open SSH servers, usually followed by sustained brute-force attacks. On...
View ArticleISC StormCast for Tuesday, January 21st 2014...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleTaking care when publishing Citrix services inside the corporate network or...
Citrix has some interesting products like XenApp, which allow people to access corporate application from tablets, Windows Terminals and also Windows servers and PC. Depending on how are you using...
View ArticleISC StormCast for Wednesday, January 22nd 2014...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleLearning from the breaches that happens to others, (Wed, Jan 22nd)
Initially when major breaches or incidents announced via the media, everyone and their pet dog has a theory about how it happened. As an Incident handler, I love a good explanation of what really...
View ArticleiTunes 11.1.4 is now available - addressing numerous CVEs, (Wed, Jan 22nd)
Chris Mohan --- Internet Storm Center Handler on Duty (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC StormCast for Thursday, January 23rd 2014...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleLearning from the breaches that happens to others Part 2, (Thu, Jan 23rd)
My last Diary piece was on the analysis of multiple similar breaches with a great deal of technical details from an external team brought in to handle the incidents, but it didn't touch on the human...
View ArticleISC StormCast for Friday, January 24th 2014...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticlePhishing via Social Media, (Fri, Jan 24th)
The use of social media as an attack vector is nothing new; We’ve all seen plenty of stories in the media of fake FaceBook profiles such as the one for American Admiral James Stavridis back in 2012...
View ArticleSecurity Update for OS X for CVE-2014-1252...
Chris Mohan --- Internet Storm Center Handler on Duty (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View Article