ISC StormCast for Wednesday, March 12th 2014...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleWordpress "Pingback" DDoS Attacks, (Wed, Mar 12th)
Sucuri detected an interesting "reflective" attack using the Wordpress Pingback feature to attack web sites [1]. Unlike other reflective attacks that use UDP services like NTP and DNS, this attacks...
View ArticleIdentification and authentication are hard ... finding out intention is even...
While the drama about the lost airplane in Malaysia is still continuing, our hearts of course go out to the families of the missing. This ISC diary though is not about airplanes, or terrorism, it is...
View ArticleISC StormCast for Thursday, March 13th 2014...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleWeb server logs containing RS=^ ?, (Thu, Mar 13th)
A SANS ISC reader sent us the following Apache log snippet earlier today 108.178.x.x - [11/Mar/2014:04:21:14 +0100] "GET /index.shtml/RK=0/RS=o_wLEbyzxJDMeXhdrhZU9KN7uD4- HTTP/1.0" 302 206 196.196.x.x...
View ArticleAdobe Shockwave Player critical update:...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC StormCast for Friday, March 14th 2014...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleWord Press Shenanigans? Anyone seeing strange activity today?, (Fri, Mar 14th)
We are getting different activity reports (Thanks for those!) on Word Press. Beyond the ping back issue that has been happening, is anyone else seeing strange WP behavior? Richard Porter --- ISC...
View ArticleNTIA begins transition of Root DNS Management, (Sat, Mar 15th)
The U.S. National Telecommunications and Information Administration (NTIA) has begun the final stages of privatizing the management of the Domain Name System (DNS) that powers the Internet. This...
View ArticleISC StormCast for Monday, March 17th 2014...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleNew Apache web server release, (Mon, Mar 17th)
The Apache folks have released version 2.4.9 of their ubiquitous web server. This one fixes a couple of security vulnerabilities along with some other bug fixes, one in mod_log_conifg having to do...
View ArticleScans for FCKEditor File Manager, (Mon, Mar 17th)
FCKEditor (now known as CKEditor [1]) is a popular full featured GUI editor many web sites use. For example, you frequently find it with blog systems like WordPress or as part of commenting/forum...
View ArticleISC StormCast for Tuesday, March 18th 2014...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleCall for packets dest 5000 or source 6000, (Tue, Mar 18th)
There are two events I'm interested in following up at the moment. A few reports mentioned that scans to destination port 5000 seem to be popular at the moment....
View ArticleISC StormCast for Wednesday, March 19th 2014...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleMozilla released updates for Firefox ( v 28.0), Thunderbird (v 24.4) and...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleFull Disclosure list shuts down, (Wed, Mar 19th)
The Full Disclosure mailing list which is at times an interesting source of information, other times entertainment and sometimes a source of frustration is shutting down. John Cartwright posted a...
View ArticleFor the Adventurous, Java 8 is out, (Wed, Mar 19th)
Looks like JAVA 8 is out (thanks Rob). What’s new: http://www.oracle.com/technetwork/java/javase/8-whats-new-2157071.html Release notes:...
View ArticleISC StormCast for Thursday, March 20th 2014...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleNormalizing IPv6 Addresses, (Thu, Mar 20th)
One of the annoyances with IPv6 addresses is that they may be abbreviated. Leading "0"s may be omitted, and groups of all ":0000:" may be replaced with "::". The key annoyance is the word "may". Some...
View Article