Twitter
LinkedIn
RSS

Archive for the ‘Research & Alerts’ Category


"Internet scanning project" scans, (Sat, Jul 26th)

A reader, Greg, wrote in with a query on another internet scanning project. He checked out the IP address and it lead to a web site, www[.]internetscanningproject.org, which states: “Hello! You’ve reached the Internet Scanning Project.

Read More...

VU#394540: Sabre AirCentre Crew solutions contain a SQL injection vulnerability

Vulnerability Note VU#394540 Sabre AirCentre Crew solutions contain a SQL injection vulnerability Original Release date: 25 Jul 2014 | Last revised: 25 Jul 2014 Overview Sabre AirCentre Crew solutions version 2010.2.12.20008 and earlier contain an SQL injection vulnerability. Description CWE-89 : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) Sabre AirCentre Crew solutions version 2010.2.12.20008 and earlier are vulnerable to an SQL Injection attack in the username and password fields in CWPLogin.aspx.

Read More...

Thousands of WordPress Sites Compromised through MailPoet Vulnerability

4 retweets 1 favorites

Read More...

Lauri Love (Coldfusion #hacker) indicted. Moral = avoid hacking into the FBI Regional Computer Forenscis Laboratory

6 retweets 0 favorites

Read More...

#infosec tools: Kali Linux 1.0.8 Released with the long awaited EFI Boot Support

8 retweets 2 favorites

Read More...

VU#394540: Sabre AirCentre Crew contains a SQL injection vulnerability

Vulnerability Note VU#394540 Sabre AirCentre Crew contains a SQL injection vulnerability Original Release date: 25 Jul 2014 | Last revised: 25 Jul 2014 Overview Sabre AirCentre Crew 2010.2.12.20008 and earlier contains a SQL injection vulnerability. Description CWE-89 : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) Sabre AirCentre Crew 2010.2.12.20008 and earlier is vulnerable to a SQL Injection attack in the username and password fields in CWPLogin.aspx. Impact A remote attacker may be able to bypass authentication and access the system as an administrative user

Read More...

#infosec tool: Rekall Memory Forensic Framework, baseed on Python. For Linux, Windows and OSX

8 retweets 5 favorites

Read More...

Kali 1.0.8 released with UEFI boot support, more info at http://www.kali.org/news/kali-1-0-8-released-uefi-boot-support/, (Fri, Jul 25th)

— Bojan INFIGO IS (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Read More...

Understanding Trust and How to Defend It in the Digital Age

8 retweets 3 favorites

Read More...

ISC StormCast for Friday, July 25th 2014 http://isc.sans.edu/podcastdetail.html?id=4077, (Fri, Jul 25th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Read More...