Apple Phishing emails, (Thu, Sep 18th)
With today being "buy an Apple phone" day it should not be surprising that there are already some phishing emails going around to try and take advantage of the publicity. Â Jan sent this in this...
View ArticleAdded today in oclhashcat 131 Django [Default Auth] (PBKDF2 SHA256 Rounds...
----------- Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC StormCast for Friday, September 19th 2014...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleWeb Scan looking for /info/whitelist.pac, (Fri, Sep 19th)
Nathan reported today that he has been seeing a new trend of web scanning against his webservers looking for /info/whitelist.pac. The scanning he has observed is over SSL. He has been observing this...
View ArticleCipherShed Fork from TrueCrypt Project, Support Windows, Mac OS and Linux -...
 ----------- Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticlePHP Fixes Several Bugs in Version 5.4 and 5.5, (Fri, Sep 19th)
PHP announced the released of version 5.5.17 and 5.4.33. Ten bugs were fixed in version 5.4.33 and 15 bugs were fixed in version 5.5.17. All PHP users are encouraged to upgrade.The latest version are...
View ArticleClik here to view.
Strange ICMP traffic seen in destination, (Sat, Sep 20th)
Reader Ronnie provided us today a packet capture with a very interesting situation: Several packets are arriving, all ICMP echo request from unrelated address: All ICMP packets being sent to the...
View ArticleNew OWASP Testing guide version 4! Check...
Manuel Humberto Santander Peláez SANS Internet Storm Center - Handler Twitter: (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC StormCast for Monday, September 22nd 2014...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleCyber Security Awareness Month: What's your favorite/most scary false...
As in prior years, we would like to use a theme for our October diaries, in order to participate in Cyber Security Awareness Month. This month, we are looking for "False Positives". One issue we are...
View ArticleiOS 7.1.x Exploit Released (CVE-2014-4377), (Mon, Sep 22nd)
Haven't upgraded to iOS 8 yet? Aside from a lot of new features, Apple also fixed a number of security vulnerabilities in iOS 8. For example CVE-2014-4377, a memory corrupion issue in iOS's core...
View ArticleClik here to view.
Fake LogMeIn Certificate Update with Bad AV Detection Rate, (Mon, Sep 22nd)
I just receive a pretty "plausible looking" e-mail claiming to originate from Logmein.com. The e-mail passed the first "gut check". The "From" address is auto-mailer@logmein.com. It was sent to an...
View ArticleISC StormCast for Tuesday, September 23rd 2014...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticlejQuery.com Compromise: The Dangers of Third Party Hosted Content, (Tue, Sep...
jQuery is a popular Javascript framework, used by many websites (including isc.sans.edu) . jQuery provides many features, like easy access to webservices as well as advanced user interface features....
View ArticleISC StormCast for Wednesday, September 24th 2014...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleAttention *NIX admins, time to patch!, (Wed, Sep 24th)
Over the past years, we became used to Microsoft Patches, the important, critical ones that would render your system fully vulnerable if you didn't apply them. We probably became so used that sometime...
View ArticleISC StormCast for Thursday, September 25th 2014...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
Webcast Briefing: Bash Code Injection Vulnerability, (Thu, Sep 25th)
I created a quick Youtube video to summarize the impact of the vulnerability. The tricky part is that there is a huge vulnerable population out there, but the impact is limited as in most cases, the...
View ArticleUpdate on CVE-2014-6271: Vulnerability in bash (shellshock), (Thu, Sep 25th)
(this diary will be updated with links to relevant resources shortly) Yesterday, a vulnerability in bash was announced, that was originally found by Stephane Schazelas. The vulnerability allows for...
View ArticleISC StormCast for Friday, September 26th 2014...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View Article