ISC StormCast for Wednesday, August 27th 2014...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleMicrosoft has modified and re-released MS14-045 -...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
One More Day of Trolling in POS Memory, (Wed, Aug 27th)
Further to the recent story on Memory Trolling for PCI data, I was able to spend one more day fishing in memory, I dug a bit deeper and come up with more fun Credit Card / Memory goodness with our...
View ArticleISC StormCast for Thursday, August 28th 2014...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleFalse Positive or Not? Difficult to Analyze Javascript, (Fri, Aug 29th)
Our reader Travis sent us the following message: We have had 2 users this morning hit a Forbes page:Â hxxp://www.forbes.com/sites/jimblasingame/2013/05/07/success-or-achievement/ And then after being...
View ArticleISC StormCast for Friday, August 29th 2014...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
Dodging Browser Zero Days - Changing your Org's Default Browser Centrally,...
In a recent story about "what's a sysadmin to do?", we suggested that since our browsers seem to take turns with zero days lately, that system administrator should have processes in place to prepare...
View ArticleISC StormCast for Tuesday, September 2nd 2014...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleApple iCloud Security Incident, (Tue, Sep 2nd)
There's lots of interest in the recent iCloud incident, where apparently several "celebrity" accounts were compromised. Sorry to say, it's not a rumour. It's also something that could and should have...
View Article"Death" of Internet Services, (Tue, Sep 2nd)
No, we're not talking about 1940's literature today - I've been reading, as have many, that Microsoft is planning to finally stop the venerable MSN Messenger Chat service. I find it interesting that...
View ArticleFirefox 32 released, time to update - now with support for Public...
=============== Rob VandenBrink Metafore (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC StormCast for Wednesday, September 3rd 2014...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleF5 BigIP Unauthenticated rsync Vulnerability, (Wed, Sep 3rd)
The reason I decided to write up this vulnerability is not the fact that this is a very popular system, or that there is a huge risk here. The main reason is that it struck me with a certain amount of...
View ArticleISC StormCast for Thursday, September 4th 2014...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleIdentifying Firewalls from the Outside-In. Or, "There's Gold in them thar...
In a penetration test, often the key to bypassing a security control is as simple as knowing identifying the platform it's implemented on. In other words, it's a lot easier to get past something if...
View ArticleISC StormCast for Friday, September 5th 2014...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleOdd Persistent Password Bruteforcing, (Sun, Sep 7th)
This isn't something new, but I think it is often overlooked: "slow and low" password brute forcing. One of the daily reports I like to look at is password brute force attempts. more or less "forever",...
View ArticleISC StormCast for Monday, September 8th 2014...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC StormCast for Tuesday, September 9th 2014...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleMicrosoft Patch Tuesday - September 2014, (Tue, Sep 9th)
Overview of the September 2014 Microsoft patches and their status. # Affected Contra Indications - KB Known Exploits Microsoft rating(**) ISC rating(*) clients servers MS14-052 Cumulative Security...
View Article