Twitter
RSS

Posts Tagged ‘browser’

« Older Entries

Safe – Tools, Tactics and Techniques, (Mon, May 20th)

By on Monday, May 20th, 2013 | No Comments

Trend Micro published a report last week on a spear-phishing emails campaign that contain a malicious attachment exploiting a Microsoft Office vulnerability ( CVE-2012-0158 ).

Read More...

Sysinternals Updates for Accesschk, Procdump, RAMMap and Strings…

By on Monday, May 20th, 2013 | No Comments

———– Guy Bruneau IPSS Inc.

Read More...

SSL: Another reason not to ignore IPv6, (Fri, May 17th)

By on Friday, May 17th, 2013 | No Comments

Currently, many public web sites that allow access via IPv6 do so via proxies. This is seen as the “quick fix”, as it requires minimum changes to the site itself. As far as the web application is concerned, all incoming traffic is IPv4.  The most obvious issue here is logging, in that the application only “sees” the proxies IP address, unless it inspects headers added by the proxy, which will no point to (unreadable?) IPv6 addresses.

Read More...

ISC StormCast for Friday, May 17th 2013 http://isc.sans.edu/podcastdetail.html?id=3314, (Fri, May 17th)

By on Friday, May 17th, 2013 | No Comments

(c) SANS Internet Storm Center.

Read More...

e-netprotections.su ?, (Fri, May 17th)

By on Friday, May 17th, 2013 | No Comments

  Like with .biz, I sometimes have the impression that .su and .cc could be sinkholed in their entirety, because the bad domains seem to vastly outnumber whatever (if any) good is running under these TLDs as well. Earlier today, ISC reader Michael contacted us with information that several PCs on his network had started to communicate with iestats.cc, emstats.su, ehistats.su, e-protections.su and a couple other domains.

Read More...

Extracting signatures from Apple .apps, (Thu, May 16th)

By on Thursday, May 16th, 2013 | No Comments

As an add-on to ISC Handler Lenny Zeltser's earlier diary on extracting certificates from signed Windows binaries, here's how to do the same on a Mac. Given that today's blog over at F-Secure documents a screenshot-taking Mac spyware that is signed with a developer ID, signed bad .apps might actually be more prevalent than expected

Read More...

Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability, (Thu, May 16th)

By on Thursday, May 16th, 2013 | No Comments

Cisco TelePresence Supervisor MSE 8050 contains a vulnerability that may allow an unauthenticated, remote attacker to cause high CPU utilization and a reload of the affected system. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available

Read More...

ISC StormCast for Thursday, May 16th 2013 http://isc.sans.edu/podcastdetail.html?id=3311, (Thu, May 16th)

By on Thursday, May 16th, 2013 | No Comments

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Read More...

Microsoft Security Advisory overview, (Tue, May 14th)

By on Wednesday, May 15th, 2013 | No Comments

Malware Protection Engine Microsoft released  security advisory 2846338 indicating that they have update their Malware Protection Engine (used in a varierty of their anti malware products) to fix a vulnerability in said engine where an attacker would be able to execute random code in the context of LocalSytem. Micorosft claims the vulnerability was publicly disclosed as a DoS.

Read More...

CVE-2013-2094: Linux privilege escalation, (Tue, May 14th)

By on Tuesday, May 14th, 2013 | No Comments

A vulnerability was discovered using fuzzing in linux kernels 2.6.37 till 3.8.9. The vulenrability requires the kernel to be compiled with PERF_EVENTS, but unfortunately that seems the case for quite some linux distributions

Read More...
« Older Entries