http://isc.sans.edu/podcast.html#stormcast en-us (c) SANS Institute 2013 This work is licensed under a Creative Commons License - Attribution-NonCommercial-ShareAlike - http://creativecommons.org/licenses/by-nc-sa/2.0/ http://isc.sans.edu/images/stormcastlogo144.jpg http://isc.sans.edu/podcast.html#stormcast Daily update on current network security threats Daily update on current network security threats SANS Internet Storm Center Handlers This is an attempt to run daily micro podcasts summarizing information security issues of the last 24 hrs. You may submit questions and comments via our contact form at http://isc.sans.edu/contact.html . The SANS Internet Storm Center is a volunteer driven organization to alert the public of current information security threats and trends. The core of the Internet Storm Center is a group of about 40 handlers. These handlers are volunteer, and hand picked for their outstanding contributions to the field, real world experience and good performance in GIAC certifications. For more information, see http://isc.sans.edu SANS ISC Handlers handers@sans.org clean Johannes Ullrich Episode 1049 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3320.mp3 http://isc.sans.edu/podcastdetail.html?id=3320 Tue, 21 May 2013 01:46:54 GMT http://isc.sans.edu/clients/ubuntu.html
Hotel Room Locks Hacked in Recent Breack Ins
http://www.nbcnews.com/travel/hotel-room-lock-hack-tied-ongoing-thefts-1C9962178
Targeted Attacks with Custom User Agent
https://isc.sans.edu/diary/Safe+-+Tools+Tactics+and+Techniques/15848]]> 5:16 daily, network, security, computer, internet, 51616, Got Packets, Port 51616, Accesschk, Procdump, RAMMap, Strings, Sysinternal, dshield, ipv6, ubuntu, CVE20120158, Fantasia, OpenDoc, Safe, UsbDoc, UsbExe Johannes Ullrich Episode 1048 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3317.mp3 http://isc.sans.edu/podcastdetail.html?id=3317 Mon, 20 May 2013 01:27:24 GMT http://isc.sans.edu/framework.html
Pushdo Uses .kz domains
http://www.seculert.com/blog/2013/05/Pushdo-malware-domain-generation-adaptation.html
Financial Times Hacked
http://www.theregister.co.uk/2013/05/17/ft_twitter_hijacked_by_sea/
Yahoo Japan Compromisse
http://www.japantimes.co.jp/news/2013/05/18/national/yahoo-japan-suspects-vast-id-theft/#.UZl0B5XQnlI
Internet Wide Portscan Search
http://www.exfiltrated.com/querystart.php]]> 6:30 daily, network, security, computer, internet, 51616, Got Packets, Port 51616 Johannes Ullrich Episode 1047 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3314.mp3 http://isc.sans.edu/podcastdetail.html?id=3314 Fri, 17 May 2013 03:27:34 GMT http://www.f-secure.com/weblog/archives/00002554.html
https://isc.sans.edu/diary/Extracting+signatures+from+Apple+.apps/15821
e-netprotections.su
https://isc.sans.edu/diary/e-netprotections+su+/15818
Owncloud Vulnerabilities
http://owncloud.org/changelog/
Cisco TelePresence Supervisor
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130515-mse]]> 5:33 daily, network, security, computer, internet, malware, signature Johannes Ullrich Episode 1046 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3311.mp3 http://isc.sans.edu/podcastdetail.html?id=3311 Thu, 16 May 2013 01:35:23 GMT http://threatpost.com/pushdo-malware-resurfaces-with-dga-capabilities/
Honeynet Conpot
http://www.honeynet.org/node/1047
New Java Versioning Scheme
http://www.oracle.com/technetwork/java/javase/overview/jdk-version-number-scheme-1918258.html]]> 5:29 daily, network, security, computer, internet, passwords, Back Tuesday, Microsoft, MSFT, overview, patches, Firefox, Mozilla, Thunderbird, adobe, black tuesday, security advisory, kernel, linux Johannes Ullrich Episode 1045 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3308.mp3 http://isc.sans.edu/podcastdetail.html?id=3308 Wed, 15 May 2013 00:51:36 GMT http://technet.microsoft.com/en-us/security/bulletin/ms13-may
Adobe Patches
http://blogs.adobe.com/psirt/2013/05/adobe-security-bulletins-posted-7.html
Linux Privilege Escalation
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2094
Skype Reading your messages?
http://www.h-online.com/security/news/item/Skype-with-care-Microsoft-is-reading-everything-you-write-1862870.html
http://www.virusbtn.com/news/2013/05_14a.xml
]]> 7:59 daily, network, security, computer, internet, passwords, Back Tuesday, Microsoft, MSFT, overview, patches, Firefox, Mozilla, Thunderbird, adobe, black tuesday, security advisory, kernel, linux Johannes Ullrich Episode 1044 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3305.mp3 http://isc.sans.edu/podcastdetail.html?id=3305 Tue, 14 May 2013 02:14:16 GMT https://research.microsoft.com/pubs/192108/chi13b.pdf
Facebook hijacking via "man in the browser"
http://blogs.technet.com/b/mmpc/archive/2013/05/10/browser-extension-hijacks-facebook-profiles.aspx
Problems with revoced SSL Certificates
http://news.netcraft.com/archives/2013/05/13/how-certificate-revocation-doesnt-work-in-practice.html]]> 6:22 daily, network, security, computer, internet, passwords Johannes Ullrich Episode 1043 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3302.mp3 http://isc.sans.edu/podcastdetail.html?id=3302 Mon, 13 May 2013 01:06:52 GMT http://news.cnet.com/8301-13578_3-57583843-38/apple-deluged-by-police-demands-to-decrypt-iphones/
Washington State Court Breach
http://threatpost.com/washington-court-data-breach-exposes-160k-ssns/]]> 5:54 daily, network, security, computer, internet, certificates, malware, malware analysis, tools Johannes Ullrich Episode 1042 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3299.mp3 http://isc.sans.edu/podcastdetail.html?id=3299 Fri, 10 May 2013 01:33:07 GMT http://www.adobe.com/support/security/advisories/apsa13-03.html
Adobe Pre-announcement
http://blogs.adobe.com/psirt/2013/05/prenotification-upcoming-security-updates-for-adobe-reader-and-acrobat-apsb13-15.html
Microsoft Pre-announcement
http://technet.microsoft.com/en-us/security/bulletin/ms13-may
The Onion Twitter Hack
http://theonion.github.io/blog/2013/05/08/how-the-syrian-electronic-army-hacked-the-onion/
CSRF and OAuth
http://webstersprodigy.net/2013/05/09/common-oauth-issue-you-can-use-to-take-over-accounts/
]]> 4:48 daily, network, security, computer, internet, BGP, incident, internet status, adobe, flash, xss, CVE20131347, internet explorer, microsoft, msie, 0day, coldfusion Johannes Ullrich Episode 1041 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3296.mp3 http://isc.sans.edu/podcastdetail.html?id=3296 Thu, 09 May 2013 01:16:19 GMT http://blogs.technet.com/b/msrc/archive/2013/05/08/fix-it-for-security-advisory-2847140-is-available.aspx
CDorked Affects nginx and lighttpd
http://www.welivesecurity.com/2013/05/07/linuxcdorked-malware-lighttpd-and-nginx-web-servers-also-affected/
Honeywords
http://people.csail.mit.edu/rivest/pubs/JR13.pdf]]> 4:41 daily, network, security, computer, internet, typo squatting, newsletter, ouch, buffer overflow, nginx, BGP, incident, internet status, adobe, flash, xss Johannes Ullrich Episode 1040 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3293.mp3 http://isc.sans.edu/podcastdetail.html?id=3293 Wed, 08 May 2013 00:57:08 GMT http://nginx.org/en/CHANGES-1.4
Federal News Radio Site hacked
hxxp://wtop.com/41/3313012/WTOP- vicitim-of- malicious-cyber-attack
(obfuscated as site may still serve exploit code)
]]> 4:51 daily, network, security, computer, internet, typo squatting, newsletter, ouch, buffer overflow, nginx Johannes Ullrich Episode 1039 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3290.mp3 http://isc.sans.edu/podcastdetail.html?id=3290 Tue, 07 May 2013 00:56:04 GMT http://www-01.ibm.com/support/docview.wss?uid=swg21633819
IBM Java Vulnerability
http://seclists.org/fulldisclosure/2013/May/15
Google Building Control System Hack
http://www.cylance.com/techblog/Googles-Buildings-Hackable.shtml
]]> 5:19 daily, network, security, computer, internet, control sysmtes, ibm, cylance, google, java, internet explorer, microsoft Johannes Ullrich Episode 1038 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3287.mp3 http://isc.sans.edu/podcastdetail.html?id=3287 Mon, 06 May 2013 00:00:13 GMT http://ics-cert.us-cert.gov/jsar/JSAR-12-241-01A
Homomorphic Crypto from IBM
http://www.theregister.co.uk/2013/05/03/ibm_open_source_homomorphic_crypto/
https://github.com/shaih/HElib
Facebook CSRF
http://www.breaksec.com/?p=6192
common EXIM/Dovecot configuraiton issue
http://www.h-online.com/news/item/Care-needed-when-combining-Exim-and-Dovecot-1856664.htmlICS CERT revises recommendations to avoid shamoon
http://ics-cert.us-cert.gov/jsar/JSAR-12-241-01A
Homomorphic Crypto from IBM
https://github.com/shaih/HElib
Facebook CSRF
http://www.breaksec.com/?p=6192
common EXIM/Dovecot configuraiton issue
http://www.h-online.com/news/item/Care-needed-when-combining-Exim-and-Dovecot-1856664.html]]> 4:48 daily, network, security, computer, internet, 0 day, IE 8, Microsoft, Trojan, Watering Hole Johannes Ullrich Episode 1037 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3284.mp3 http://isc.sans.edu/podcastdetail.html?id=3284 Fri, 03 May 2013 02:01:53 GMT https://www.whitehatsec.com/resource/stats.html
Strongswan Vulnerability
http://www.strongswan.org/blog/2013/04/30/strongswan-5.0.4-released-(cve-2013-2944).html]]> 6:59 daily, network, security, computer, internet, malware, Malware containment Johannes Ullrich Episode 1036 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3281.mp3 http://isc.sans.edu/podcastdetail.html?id=3281 Thu, 02 May 2013 01:32:16 GMT http://labs.alienvault.com/labs/index.php/2013/u-s-department-of-labor-website-hacked-and-redirecting-to-malicious-code/
Hostgator Employee Compromissed Customer Servers
http://arstechnica.com/security/2013/04/former-employee-arrested-charged-with-rooting-2700-hostgator-servers/
Gaming Client used to mine for Bitcoins
hxxp://play.esea.net/index.php?s=esports&d=comments&id=12692
(URL currently marked as malicious by Google, which is why I obfuscated
it)
Camera Vulnerabilities
http://www.theregister.co.uk/2013/05/01/ip_cameras_with_dumb_vulns/
]]> 5:22 daily, network, security, computer, internet, apache, Blackhole, malware, Malware containment Johannes Ullrich Episode 1035 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3278.mp3 http://isc.sans.edu/podcastdetail.html?id=3278 Wed, 01 May 2013 01:30:01 GMT http://www.saurik.com/id/16
Sourceforge leads to Malware
http://research.zscaler.com/2013/04/more-fake-sourceforge-websites-show-up.html
Guardian Twitter Account Hacked
http://www.guardian.co.uk/world/2013/apr/29/assad-syrian-hackers-cyber-attacks
Ramnit malware stealing one time passwords
http://www.trusteer.com/blog/perfectionism-fraudster-style
]]> 5:23 daily, network, security, computer, internet, fake tech calls, apache, Blackhole Johannes Ullrich Episode 1034 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3275.mp3 http://isc.sans.edu/podcastdetail.html?id=3275 Tue, 30 Apr 2013 01:34:02 GMT http://www.welivesecurity.com/2013/04/26/linuxcdorked-new-apache-backdoor-in-the-wild-serves-blackhole/
Living Social update: SHA-1
http://arstechnica.com/security/2013/04/why-livingsocials-50-million-password-breach-is-graver-than-you-may-think/
Cost of replacing compromissed systems vs. cleaning them
http://www.heise.de/security/meldung/Schwerin-Virus-verseuchter-Rechner-Ab-auf-den-Muell-damit-1851718.html]]> 6:02 daily, network, security, computer, internet, CNN, cyberterrorism, fake tech calls Johannes Ullrich Episode 1033 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3272.mp3 http://isc.sans.edu/podcastdetail.html?id=3272 Sun, 28 Apr 2013 21:33:33 GMT http://www.bbc.co.uk/news/technology-22314938
Google Joins FIDO Alliance
http://www.fidoalliance.org
Viber Android VOIP App allows for lock screen bypass
http://threatpost.com/vulnerability-in-viber-for-android-enables-lock-screen-bypass/]]> 05:00 daily, network, security, computer, internet, anti virus Johannes Ullrich Episode 1032 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3269.mp3 http://isc.sans.edu/podcastdetail.html?id=3269 Thu, 25 Apr 2013 19:56:29 GMT http://blogs.cisco.com/security/possible-exploit-vector-for-darkleech-compromises/
Twitter Two Factor Authentication
http://www.wired.com/threatlevel/2013/04/twitter-authentication/
Serial Port Server Scan
https://community.rapid7.com/community/metasploit/blog/2013/04/23/serial-offenders-widespread-flaws-in-serial-port-servers
]]> 6:20 daily, network, security, computer, internet, Blackhole, chargen, java, JavaScript, Microsoft, security intelligence, 2013, forensics, sans, survey Johannes Ullrich Episode 1031 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3266.mp3 http://isc.sans.edu/podcastdetail.html?id=3266 Wed, 24 Apr 2013 21:03:11 GMT http://www.theregister.co.uk/2013/04/23/hacked_ap_tweet_dow_decline/
Wordpress Plugin Vulnerabilities
http://blog.futtta.be/2013/04/18/wp-caching-plugin-vulnerability-debrief/
Virustotal pcap Analyzer
http://blog.virustotal.com/2013/04/virustotal-pcap-analyzer.html]]> 5:40 daily, network, security, computer, internet, Blackhole, chargen, java, JavaScript, Microsoft, security intelligence Johannes Ullrich Episode 1030 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3263.mp3 http://isc.sans.edu/podcastdetail.html?id=3263 Tue, 23 Apr 2013 17:44:01 GMT http://www.verizon.com/enterprise/databreach
Java Still vulnerable
http://seclists.org/fulldisclosure/2013/Apr/194
Twitter Malware Targeting Dutch
http://www.trusteer.com/blog/twitter-malware-spreading-more-than-just-ideas
]]> 5:17 daily, network, security, computer, internet, bcp 38, chargen, ddos, denial of service, Blackhole, java, JavaScript, Microsoft, security intelligence Johannes Ullrich Episode 1029 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3260.mp3 http://isc.sans.edu/podcastdetail.html?id=3260 Mon, 22 Apr 2013 21:44:47 GMT http://isc.sans.edu/diary/A+Chargen-based+DDoS%3F+Chargen+is+still+a+thing%3F/15647
Android Malware in Google Play Store
https://blog.lookout.com/blog/2013/04/19/the-bearer-of-badnews-malware-google-play/
Japan attempts to block tor
http://mainichi.jp/english/english/newsselect/news/20130418p2a00m0na013000c.html
pwn2own vulnerability
http://threatpost.com/chrome-and-java-pwn2own-vulnerabilities-explained/
TTF Fuzzing
http://www.f13-labs.net/infiltrate2013/INFILTRATE2013_Lee.pdf]]> 05:00 daily, network, security, computer, internet, bcp 38, chargen, ddos, denial of service Johannes Ullrich Episode 1028 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3257.mp3 http://isc.sans.edu/podcastdetail.html?id=3257 Sun, 21 Apr 2013 18:33:08 GMT http://forums.malwarebytes.org/index.php?showtopic=125138
Malware Used to Mine Bitcoins
http://www.threattracksecurity.com/it-blog/fareit-goes-bitcoin-mining/
Android Malware targeting 2 factor authentication
http://www.heise.de/security/meldung/Angebliche-Zertifikats-App-bringt-mTAN-Trojaner-aufs-Smartphone-1846618.html
http://anubis.iseclab.org/?action=result&task_id=117e77042c6f8d5e4e5c45afbcd56c78e&format=html]]> 5:30 daily, network, security, computer, internet, java, Java security update, Java vulnerability, bcp 38, chargen, ddos, denial of service Johannes Ullrich Episode 1027 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3254.mp3 http://isc.sans.edu/podcastdetail.html?id=3254 Fri, 19 Apr 2013 01:21:40 GMT http://www.microsoft.com/en-us/download/details.aspx?id=38761
Microsoft Security Intelligence Report
http://www.microsoft.com/security/sir/default.aspx
ACLU asks FCC to take action about Android software updates
http://threatpost.com/aclu-asks-ftc-to-investigate-carriers-lack-of-android-security-updates/
]]> 5:46 daily, network, security, computer, internet, apple, outage, boston marathon, boston marathon explosions, boston marathon scams, waco fertilizer plant explosion, hak5, remnux Johannes Ullrich Episode 1026 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3251.mp3 http://isc.sans.edu/podcastdetail.html?id=3251 Thu, 18 Apr 2013 01:07:02 GMT https://isc.sans.edu/diary/Boston-Related+Malware+Campaigns+Have+Begun/15629
Microsoft 2-Factor Authentication
http://blogs.technet.com/b/microsoft_blog/archive/2013/04/17/microsoft-account-gets-more-secure.aspx
Linode Breach
http://blog.linode.com/2013/04/16/security-incident-update/
Copy/Paste Trick
http://www.h-online.com/open/news/item/Old-tricks-are-new-again-Dangerous-copy-paste-1842898.html]]> 6:08 daily, network, security, computer, internet, boston marathon, boston marathon bombing, fake charities, Java 7u21, apple, outage, boston marathon explosions, boston marathon scams Johannes Ullrich Episode 1025 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3248.mp3 http://isc.sans.edu/podcastdetail.html?id=3248 Wed, 17 Apr 2013 00:37:08 GMT http://support.apple.com/kb/HT1222
http://support.apple.com/kb/HT5678
TeliaSonera CA in Firefox
https://bugzilla.mozilla.org/show_bug.cgi?id=539924
Oracle Critical Patch Update
http://www.oracle.com/technetwork/topics/security/alerts-086861.html
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html]]> 6:25 daily, network, security, computer, internet, certificate, certutil, enterprise certificate authority, psexec, sysinternals, boston marathon bombing, boston marathon, fake charities, Java 7u21 Johannes Ullrich Episode 1024 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3245.mp3 http://isc.sans.edu/podcastdetail.html?id=3245 Tue, 16 Apr 2013 01:46:28 GMT Discount Code SANSFIREISC10
https://www.sans.org/event/ipv6-summit-2013
IPv6 TCP Scanner
http://www.iniqua.com/labs/topera-invisible-tcp-scanner/?lang=en
2.4 Million Credit Card Stolen from Retailer
http://www.kmov.com/news/editors-pick/Schnucks-says-24-million-credit-and-debit-cards-affected-by-hacking-202993581.html?google_editors_picks=true]]> 5:53 daily, network, security, computer, internet, 61, protocol, certificate, certutil, enterprise certificate authority, psexec, sysinternals, boston marathon bombing Johannes Ullrich Episode 1023 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3242.mp3 http://isc.sans.edu/podcastdetail.html?id=3242 Mon, 15 Apr 2013 01:15:06 GMT http://blog.hostgator.com/2013/04/11/global-wordpress-brute-force-flood/
Stolen Certificate used in Attack against Tibetan NGOs
http://www.securelist.com/en/blog/208194218/Winnti_Stolen_Digital_Certificates_Used_in_Orphan_Tibetan_Refugee_Children_Caregivers_Attack]]> 5:52 daily, network, security, computer, internet, 61, packets, protocol Johannes Ullrich Episode 1022 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3241.mp3 http://isc.sans.edu/podcastdetail.html?id=3241 Fri, 12 Apr 2013 02:02:43 GMT http://support.kaspersky.com/9751
Windows 7 System Fails to boot after patch
https://support.microsoft.com/kb/2839011
Cisco Statement About Linksys Firmware Bugs (EA2700 routers)
http://threatpost.com/en_us/blogs/linksys-smart-wi-fi-safe-home-router-flaws-classic-configuration-vulnerable-041113
Update to AMI key leak
http://adamcaudill.com/2013/04/04/security-done-wrong-leaky-ftp-server/
Plane Hacking Presentation
http://conference.hitb.org/hitbsecconf2013ams/materials/D1T1%20-%20Hugo%20Teso%20-%20Aircraft%20Hacking%20-%20Practical%20Aero%20Series.pdf]]> 6:55 daily, network, security, computer, internet, google, malware, scam Johannes Ullrich Episode 1021 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3239.mp3 http://isc.sans.edu/podcastdetail.html?id=3239 Thu, 11 Apr 2013 01:22:10 GMT Mozilla Persona Beta 2
https://developer.mozilla.org/en-US/docs/Persona/Protocol_Overview
Microsoft 2 Factor Auth
http://www.ghacks.net/2013/04/09/finally-two-factor-authentication-coming-to-microsoft-accounts/
Ubiplay hack
http://www.ubergizmo.com/2013/04/far-cry-3-blood-dragon-spotted-on-torrent-sites-after-ubisoft-uplay-service-hack/
Twitter used to target Tibet Activists
https://www.cybersquared.com/apt_targetedattacks_within_socialmedia/
]]> 6:19 daily, network, security, computer, internet, black tuesday, msft, overview, patches, adobe, google, malware, scam Johannes Ullrich Episode 1020 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3238.mp3 http://isc.sans.edu/podcastdetail.html?id=3238 Wed, 10 Apr 2013 02:01:19 GMT http://technet.microsoft.com/en-us/security/bulletin/ms13-apr
Adobe April 2013 Bulletins
http://blogs.adobe.com/psirt/2013/04/adobe-security-bulletins-posted-5.html
]]> 6:27 daily, network, security, computer, internet, web app sec, black tuesday, msft, overview, patches, adobe Johannes Ullrich Episode 1019 A daily summary of events from the SANS Internet Storm Center the ISC micro podcast is a quick daily summary of threats to the Internet. http://isc.sans.edu/podcast/podcast3235.mp3 http://isc.sans.edu/podcastdetail.html?id=3235 Tue, 09 Apr 2013 00:33:16 GMT http://www.kb.cert.org/vuls/id/557252
Bitcoin Record High
http://www.bitcoincharts.com/bitcoin/
D-Link Firmware Updates
http://more.dlink.de/sicherheit/firmware.html
Fireeye Advanced Threat Report
http://www.fireeye.com/blog/technical/malware-research/2013/04/the-new-fireeye-advanced-threat-report.html]]> 5:23 daily, network, security, computer, internet, web app sec