ISC StormCast for Wednesday, September 10th 2014...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleContent Security Policy (CSP) is Growing Up., (Wed, Sep 10th)
We have talked here about Content Security Policy (CSP) in the past. CSP is trying to tackle a pretty difficult problem. When it comes to cross-site-scripting (XSS), the browser and the user is usually...
View ArticleISC StormCast for Thursday, September 11th 2014...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleVMware NSX and vCNS product updates address a critical information...
Chris Mohan --- Internet Storm Center Handler on Duty (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC StormCast for Friday, September 12th 2014...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleAre credential dumps are worth reviewing?, (Fri, Sep 12th)
Itâs been reported that around five million Gmail email addresses were released on to a forum early on in the week. In the file, next to each email address, was a password. These email addresses and...
View ArticleSSDEEP update, (Sun, Sep 14th)
Jesse Kornblum released a new version of his fuzzy hashing tool ssdeep this week. This release fixes a problem that was apparently introduced with version 2.10 in July 2013. If you use ssdeep, you...
View ArticleISC StormCast for Monday, September 15th 2014...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
Even Bad Malware Works, (Mon, Sep 15th)
For a few weeks now, I keep receiving a few "Delta Ticket" e-mails a day with zipped executables as attachments. The e-mails are done about as bad as it gets: The "From" address uses a random domain...
View ArticleSpoofed SNMP Messages: Mercy Killings of Vulnerable Networks or Troll?,...
2nd Update All the packet captures we received so far show the same behavior. The scans are sequential, so it is fair to assume that this is an internet wide scan. We have yet to find a vulnerable...
View ArticleISC StormCast for Tuesday, September 16th 2014...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleAdobe updates, Reader and Acrobat -->...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
https://yourfakebank.support -- TLD confusion starts!, (Tue, Sep 16th)
Pretty much ever since the new top level domain (TLD) ".biz" went online a couple years ago, and the only ones buying domains in this space were the scammers, we kinda knew what would happen when...
View ArticleNew version of Wireshark is available -->...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleFreeBSD Denial of Service advisory (CVE-2004-0230), (Tue, Sep 16th)
A vulnerability has been discovered by Johnathan Looney at the Juniper SIRT in FreeBSD (base for Junos and many other products) in the way that FreeBSD processes certain TCP packets...
View ArticleISC StormCast for Wednesday, September 17th 2014...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleYour online background check is now public!, (Wed, Sep 17th)
An email titled "Your online background check is now public" might be half-scary if it was sent to a real person. But if it is a bunch of honeypot email addresses that have nobody associated to them in...
View ArticleIOS8 is out - IOS 8 has arrived and with it the numerous devices that will...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC StormCast for Thursday, September 18th 2014...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleApple Releases OS X 10.9.5 / Safari 6.2 and 7.1 with several security fixes...
--- Johannes B. Ullrich, Ph.D. STI|Twitter|LinkedIn (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View Article