ISC Stormcast For Tuesday, February 21st 2017...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleHacks all the time. Engineers recently found Yahoo systems remained compromised
Some five months after Yahoo disclosed a security breach that exposed sensitive data for 500 million accounts, some of its systems remained compromised, according to a report published Tuesday. The...
View ArticleSysinternals Updates Sysmon, Autoruns, AccessChk, Process Monitor, Process...
=============== Rob VandenBrink Metafore (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleThanks to our reader Stephen for the update on .edu whois outage. Problem at...
=============== Rob VandenBrink Compugen (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleInvestigating Off-Premise Wireless Behaviour (or, "I Know What You...
Last week, I was working with a client on a web-filtering solution, using one of their organizations laptops. We happened to notice the long-long-LONG list of SSIDs that were on this machine, may of...
View ArticleBugtraq: APPLE-SA-2017-02-21-2 Logic Pro X 10.3.1
APPLE-SA-2017-02-21-2 Logic Pro X 10.3.1
View ArticleMicrosoft Patch Tuesday, or is that "Patch Next Tuesday"? - Flash...
Microsoft released the patch for MS017-005 today, to patch a remote code execution vulnerability inWindows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows...
View Article2 Apple Updates Today as Well - GarageBand and Logic Pro X, (Tue, Feb 21st)
GarageBand 10.1.6 is released today, fixing an arbitrary code execution bug in Yosemite 10.10 and later (CVE-2017-2374) Theres also second patch for Logic Pro X 10.3.1. Unfortunately, its got the text...
View ArticleISC Stormcast For Wednesday, February 22nd 2017...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleBugtraq: [security bulletin] HPESBHF03709 rev.1 - HPE Network products...
[security bulletin] HPESBHF03709 rev.1 - HPE Network products including Comware, IMC, and VCX running OpenSSL, Remote Denial of Service (DoS), Disclosure of Sensitive Information
View ArticleQuick and dirty generic listener, (Tue, Feb 21st)
From time to time, we see spikes on some odd port in our data and we want to figure out what the bad guys are trying to do. Even just capturing the first packet or two of data can help us figure out...
View ArticleBugtraq: [SECURITY] [DSA 3788-2] tomcat8 regression update
[SECURITY] [DSA 3788-2] tomcat8 regression update
View ArticleISC Stormcast For Thursday, February 23rd 2017...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
At death’s door for years, widely used SHA1 function is now dead
(credit: Bob Embleton) For more than six years, the SHA1 cryptographic hash function underpinning Internet security has been at death's door. Now it's officially dead, thanks to the submission of the...
View ArticlePutty 0.68 released -...
-- Rick Wanner MSISE - rwanner at isc dot sans dot edu - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected) (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons...
View ArticlePractical collision attack against SHA-1 , (Thu, Feb 23rd)
Google has announced that they have succeeded in developing a technique which makes it practical to crafttwo PDF files with the same SHA-1 digital signature. Of course like all new...
View ArticleClik here to view.
Frank Abagnale, world-famous con man, explains why technology won’t stop...
Enlarge / Frank Abagnale, as played by Leonardo DiCaprio in Catch Me If You Can, once pretended to be a doctor. Now he's teaching the health industry about the threat of identity theft. (credit:...
View ArticleClik here to view.
Serious Cloudflare bug exposed a potpourri of secret customer data
(credit: Acid the meme machine) Cloudflare, a service that helps optimize the security and performance of more than 5.5 million websites, warned customers today that a recently fixed software bug...
View ArticleISC Stormcast For Friday, February 24th 2017...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
Apple deleted server supplier after finding infected firmware in Siri servers
Racks of servers that populate Apple's $1 billion data center in Maiden, North Carolina. (credit: Image courtesy of Apple Inc.) A mid-2016 security incident led to Apple purging its data centers of...
View Article