Bugtraq: Sophos Mobile Control EAS Proxy Open Reverse Proxy vulnerability...
Sophos Mobile Control EAS Proxy Open Reverse Proxy vulnerability (CVE-2016-6597)
View ArticleVuln: IBM Security AppScan CVE-2016-0288 XML External Entity Information...
IBM Security AppScan CVE-2016-0288 XML External Entity Information Disclosure Vulnerability
View ArticleVuln: RETIRED: cURL/libcURL CVE-2016-5419 Information Disclosure Vulnerability
RETIRED: cURL/libcURL CVE-2016-5419 Information Disclosure Vulnerability
View ArticleBugtraq: DLL side loading vulnerability in VMware Host Guest Client Redirector
DLL side loading vulnerability in VMware Host Guest Client Redirector
View ArticleBugtraq: [SYSS-2016-063] VMware ESXi 6 - Improper Input Validation (CWE-20)
[SYSS-2016-063] VMware ESXi 6 - Improper Input Validation (CWE-20)
View ArticleBugtraq: [SYSS-2016-063] VMware ESXi 6 - Improper Input Validation (CWE-20)
[SYSS-2016-063] VMware ESXi 6 - Improper Input Validation (CWE-20)
View ArticleBugtraq: Ecwid Ecommerce Shopping Cart WordPress Plugin unauthenticated PHP...
Ecwid Ecommerce Shopping Cart WordPress Plugin unauthenticated PHP Object injection vulnerability
View ArticleISC Stormcast For Thursday, August 4th 2016...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC Stormcast For Friday, August 5th 2016...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC Stormcast For Tuesday, August 2nd 2016...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC Stormcast For Wednesday, August 3rd 2016...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View Articlertfdump, (Sat, Aug 6th)
rtfdump is a tool I developed to help me analyze (malicious) RTF files. If you just want to extract embedded objects from RTF files, you can use rtfobj. But if you want to perform more analysis, you...
View ArticleStop calling it a ransomware "attack", (Sun, Aug 7th)
Introduction I dislike the term ransomware attack. Why, you ask? Its a matter of perception. The word attack indicates specific intent against a particular individual or group. An attack means someone...
View ArticleFollow-up to: Stop calling it a ransomware "attack", (Sun, Aug 7th)
Introduction Earlier today, I posted a diary protesting an overall trend of calling ransomware infections ransomware attacks [1]. Unfortunately, that previous diary didnt include information on...
View ArticleISC Stormcast For Monday, August 8th 2016...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleUsing File Entropy to Identify "Ransomwared" Files, (Mon, Aug 8th)
Any engineer or physisist will tell you that Entropy is like Gravity - theres no fighting it, its the law! However, they can both be used to advantage in lots of situations. In the IT industry, a...
View ArticleBugtraq: [slackware-security] stunnel (SSA:2016-219-04)
[slackware-security] stunnel (SSA:2016-219-04)
View ArticleBugtraq: [SECURITY] [DSA 3643-1] kde4libs security update
[SECURITY] [DSA 3643-1] kde4libs security update
View ArticleBugtraq: [slackware-security] curl (SSA:2016-219-01)
[slackware-security] curl (SSA:2016-219-01)
View ArticleBugtraq: [slackware-security] mozilla-firefox (SSA:2016-219-02)
[slackware-security] mozilla-firefox (SSA:2016-219-02)
View Article