ISC StormCast for Tuesday, April 1st 2014...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
cmd.so Synology Scanner Also Found on Routers, (Tue, Apr 1st)
Yesterday, we talked about a scanner looking for Synology devices that was running on a ARM CPU equipped DVR. Looking at a few other sources of these scans, we did see a couple that didn't originate...
View ArticleUpgrading Your Android, Elevating My Malware, (Tue, Apr 1st)
A new study[1][2] by Indiana University Bloomington show that updating any Android device can allow an attacker to escalate apps privileges. The researchers have discovered a new type of vulnerability...
View ArticleCall for packets udp/137 broadcast, (Tue, Apr 1st)
One of our readers have reported that he has seen a broadcast traffic to udp/137 . He suspected that the traffic cause a denial of service to some of his systems. If you have seen such traffic and you...
View ArticleISC StormCast for Wednesday, April 2nd 2014...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleApple Security Update for Safari 6.1.3/7.0.3:...
-Kevin -- ISC Handler on Duty (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC StormCast for Thursday, April 3rd 2014...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleWatching the watchers, (Thu, Apr 3rd)
A lot of companies today have various IDS and IPS devices implemented in their internal network (especially if you must be compliant with PCI DSS, for example). So these devices get implemented to...
View ArticleApril issue of OUCH! newsletter: Yes, You Actually Are A Target...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC StormCast for Friday, April 4th 2014...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticlePHP 5.4.27 released, (Fri, Apr 4th)
A new version of PHP has been released. The announcement comments: "The PHP development team announces the immediate availability of PHP 5.4.27. 6 bugs were fixed in this release, including...
View ArticlePatch Tuesday pre-Announcement - XP officially becomes the enemy next week,...
Microsoft has posted their regular pre-announcement for Patch Tuesday here: http://technet.microsoft.com/en-us/security/bulletin/ms14-apr We can expect: The final, yes final patches for XP The final...
View ArticleClik here to view.
Dealing with Disaster - A Short Malware Incident Response, (Fri, Apr 4th)
I had a client call me recently with a full on service outage - his servers weren't reachable, his VOIP phones were giving him more static than voice, and his Exchange server wasn't sending or...
View ArticleWindows 8.1 Update Released, (Fri, Apr 4th)
Thanks to Susan, one of or readers, who dropped us a line today to tell me that we (and by "we" I mean "I") missed that Windows 8.1 Update was announced on April 2. This is an important update for all...
View ArticleClik here to view.
Those strange e-mails with URLs in them can lead to Android malware, (Sat,...
You've probably gotten a few of these e-mails over the last few months (I saw the first one of this latest kind in early Feb), we got one to the handlers list earlier this week which prompted this...
View Article"Power Worm" PowerShell based Malware, (Sun, Apr 6th)
In the past few years one of the major improvements in the Windows environment was PowerShell. With Unix-style scripting capabilities automating windows administration tasks become possible. One of...
View ArticleISC StormCast for Monday, April 7th 2014...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleAttack or Bad Link? Your Guess?, (Mon, Apr 7th)
Reviewing my logs, I found this odd request: GET...
View ArticleISC StormCast for Tuesday, April 8th 2014...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleOpenSSL CVE-2014-0160 Fixed, (Tue, Apr 8th)
OpenSSL 1.0.1g has been released to fix "A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64kB of memory to a connected client or server. This issue...
View Article