Category: SANS Internet Storm Center

CSAM Month of False Postives – False Positives from Management, (Thu, Oct 30th) 0

CSAM Month of False Postives – False Positives from Management, (Thu, Oct 30th)

Often the start of a problem and its solution is receiving a call from a manger, project manager or other non-technical decision maker. Youll know going in that the problem is absolutely real, but the information going in might be a total red herring. Some classic examples are: The network is slow I ran a speed test, we should being seeing 10x the speed

The Wonderful World of CMS strikes again, (Wed, Oct 29th) 0

The Wonderful World of CMS strikes again, (Wed, Oct 29th)

I think that I will start this Diary with the following statement: If you use an open source CMS, and you do not update it frequently, there is a very high chance that your website if not only compromised but also part of a botnet. You probably already saw several of our diaries mentioning vulnerabilities in very well-known CMS systems like WordPress and Joomla, which are quite powerful and easy to use/install, and also full of vulnerabilities and requires frequent updates. The third one in this list is Drupal.