Category: Research & Alerts

Strange ICMP traffic seen in destination, (Sat, Sep 20th) 0

Strange ICMP traffic seen in destination, (Sat, Sep 20th)

Reader Ronnie provided us today a packet capture with a very interesting situation: Several packets are arriving, all ICMP echo request from unrelated address: All ICMP packets being sent to the destination address does not have data, leaving the packet with the 20 bytes for the IP header and 8 bytes for the ICMP echo request without data All the unrelated address sent 6 packets: One with normal TTL and 5 with incremental TTL: Seems to be those packets are trying to map a route, but in a very particular way. Since there are many unrelated IP addresses trying to do the same, maybe something is trying to map routes to specific address to do something not good.

VU#730964: FortiNet FortiGate and FortiWiFi appliances contain multiple vulnerabilities 0

VU#730964: FortiNet FortiGate and FortiWiFi appliances contain multiple vulnerabilities

Vulnerability Note VU#730964 FortiNet FortiGate and FortiWiFi appliances contain multiple vulnerabilities Original Release date: 19 Sep 2014 | Last revised: 19 Sep 2014 Overview Fortinet FortiGate and FortiWiFi appliances are susceptible to man-in-the-middle attacks ( CWE-300 ) and a heap-based overflow vulnerability ( CWE-122 ). Description Fortinet FortiGate and FortiWiFi 4.00.6 and possibly earlier versions are susceptible to man-in-the-middle attacks ( CWE-300 ) and a heap-based overflow vulnerability ( CWE-122 )

Apple Phishing emails, (Thu, Sep 18th) 0

Apple Phishing emails, (Thu, Sep 18th)

With today being “buy an Apple phone” day it should not be surprising that there are already some phishing emails going around to try and take advantage of the publicity.   Jan sent this in this morning (thanks): ————- Dear Client, We inform you that your account is about to expire in less 48 hours, it’s imperative to update your information with our audit forms, otherwise your session and/or account will be a limited access. just click the link below and follow the steps our request form Update now…