A couple weeks ago, Dropbox announced that it invalidated some old “shared links” users used to share confidential documents, like tax returns.
Fresh off our discussion regarding PowerShell, now for something completely different. In order to bring balance to the force I felt I should share with you my recent use of sed, “the ultimate stream editor” and awk, “an extremely versatile programming language for working on files” to solve one of fourteen challenges in a recent CTF exercise I participated in. The challenge included only a legitimate bitmap file (BMP) that had been modified via least significant bit (LSB) steganography and the following details
Apple has released an update to address CVE-2014-1347 (1) for iTunes which addresses a specific vulnerability in the permissions of files and folders of the system. This vulnerability addresses a situation where “upon each reboot, the permissions for the /Users and /Users/Shared directories would be set to world-writable, allowing modification of these directories. This issue was addressed with improved permission handling”. As always, please ensure that all changes are tested and deployed in compliance with enterprise change management standards. (1) http://support.apple.com/kb/TS5434 tony d0t carothers –gmail (c) SANS Internet Storm Center
APPLE-SA-2014-05-15-2 iTunes 11.2 available for download – security fixes address CVE-2014-1296: http://support.apple.com/kb/HT1222 &…
Rob VandenBrink Metafore (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
We all know that the ssh honeypot “kippo” is a great tool. But it is awful easy for an attacker to figure out that they are connected to a kippo honeypot
It hasn’t really been reported much, but just after Microsoft sort of stopped releasing patches for Windows XP last month, we now have to get going on the next phase-out: Windows 8.1! [In a first version of this diary, I stated that support ends tomorrow.
Microsoft released its pre-announcement for the upcoming patch Tuesday. The summary indicates a total of 8 bulletins, 2 are critical with remote code execution and 6 Important with a mix of remote code execution, elevation of privileges, denial of service and security bypass features. The announcement is available here.
Heartbleed, IE Zero Days, Firefox vulnerabilities – What’s a System Administrator to do?, (Fri, May 9th)
With the recent headlines, we’ve seen heartbleed (which was not exclusive to Linux, but was predominately there), an IE zero day that had folks over-reacting with headlines of “stop using IE”, but Firefox and Safari vulnerabilities were not that far back in the news either. So what is “safe”? And as a System Administrator or CSO what should you be doing to protect your organization? It’s great to say “Defense in Depth” and “The 20 Critical Controls”, but that’s easy to say and not so easy to do when you are faced with a zero day in the browser that your business application must have to run. What can you do that’s quick and easy, that offers some concrete protection for your community of 20, 200, 2,000 or 20,000 workstations?
May OUCH Newsletter: I’m Hacked, Now What? http://www.securingthehuman.org/resources/newsletters/ouch/2014#may2014, (Wed, May 7th)