Twitter
LinkedIn
RSS

Archive for the ‘SANS Internet Storm Center’ Category


Special Edition of OUCH: Heartbleed – Why Do I Care? http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-2014-special_en.pdf, (Wed, Apr 23rd)

–  Alex Stanford – GIAC GWEB, Research Operations Manager, SANS Internet Storm Center (c) SANS Internet Storm Center.

Read More...

ISC StormCast for Wednesday, April 23rd 2014 http://isc.sans.edu/podcastdetail.html?id=3947, (Wed, Apr 23rd)

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Read More...

Port 32764 Router Backdoor is Back (or was it ever gone?), (Tue, Apr 22nd)

Unlike announced a few month ago, the infamous “Port 32764″ backdoor was not fully patched in new routers [1]. As a reminder, the original backdoored allowed unrestricted/unauthenticated root access to a router by connecting to port 32764.

Read More...

Apple Patches for OS X, iOS and Apple TV., (Tue, Apr 22nd)

Apple today released patches for OS X, iOS and Apple TV. The OS X patches apply for versions of OS X back to Lion (10.7.5). Vulnerabilities fixed by these patches can lead to remote code execution by visiting malicious web sites

Read More...

ISC StormCast for Tuesday, April 22nd 2014 http://isc.sans.edu/podcastdetail.html?id=3945, (Tue, Apr 22nd)

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Read More...

Allow us to leave!, (Mon, Apr 21st)

Here’s one yardstick that I use before signing up for any new online service: I first search the Interwebs for stories from users who tried to close their account and to leave same service, and were given a hard time.  I understand that commercially it is “rewarding” to show 300 million subscribers, even if 90% of them are stale accounts. But from a privacy and data security point of view, it does NOT make any sense for a user to leave an account behind that he/she knows for sure will never be used again.  Some services, also larger ones, are handling this issue professionally, and have a decently findable link on their home page that allows the closing of an account and deletion of stored data. Others .

Read More...

Finding the bleeders, (Mon, Apr 21st)

Now that the frantic frenzy around “Heartbleed” has calmed, and most sites are patched, it is time to circle back. For a server at a community college that I knew had been affected, I wanted to see if someone had pulled any data via Heartbleed during the roughly 36 hours between when the vulnerability became widely known, and when IDS signatures and patches were deployed to protect the site. Problem is, Heartbleed leaves basically no traces in the httpd server log, so checking there for attacks didn’t help

Read More...

OpenSSL Rampage, (Mon, Apr 21st)

OpenSSL, in spite of its name, isn’t really a part of the OpenBSD project. But as one of the more positive results of the recent Heartbleed fiasco, the OpenBSD developers, who are known for their focus on readable and secure code, have now started a full-scale review and cleanup of the OpenSSL codebase

Read More...

ISC StormCast for Monday, April 21st 2014 http://isc.sans.edu/podcastdetail.html?id=3943, (Mon, Apr 21st)

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Read More...

Heartbleed hunting, (Mon, Apr 21st)

Yes, I know that by now you are really tired of hear and read about Heartbleed. You probably already got all testing scripts and tools and are looking on your network for vulnerable servers.  I was just playing with the Shodan transformer for Maltego  and looking for some specific versions of OpenSSL. The results are not good…

Read More...