Threat Level: green Handler on Duty: Manuel Pelaez

SANS ISC InfoSec Handlers Diary Blog



Sysinternals Updates, Analyzing Stuxnet Infection with Sysinternals Tools Part 3

Published: 2011-05-20
Last Updated: 2011-05-20 23:01:51 UTC
by Guy Bruneau (Version: 1)
0 comment(s)

The following tools have been updated: VMMap v3.1, RAMMap v1.11, Handle v3.46, Process Explorer v14.12. Additional information is available here [1].

Also of interest: Mark’s Blog post, Analyzing a Stuxnet Infection with the Sysinternals Tools, Part 3, is available here [2].

[1] http://blogs.technet.com/b/sysinternals/archive/2011/05/18/updates-vmmap-v3-1-rammap-v1-11-handle-v3-46-process-explorer-v14-12-and-mark-s-blog-analyzing-a-stuxnet-infection-with-the-sysinternals-tools-part-3.aspx
[2] http://blogs.technet.com/b/markrussinovich/archive/2011/05/10/3422212.aspx
 

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu


Common Vulnerability Reporting Framework (CVRF)

Published: 2011-05-20
Last Updated: 2011-05-20 02:04:45 UTC
by Guy Bruneau (Version: 1)
2 comment(s)

A new vulnerability reporting framework was announced this week to standardize security vulnerability reporting. "The Common Vulnerability Reporting Framework (CVRF) is an XML-based language that will enable different stakeholders across different organizations to share critical security-related information in a single format, speeding up information exchange and digestion." [1]

A 12-page whitepaper on this new standard can be freely downloaded here, and a list of FAQs is available here.


[1] http://www.icasi.org/cvrf

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

Keywords: CVRF

Distributed Denial of Service Cheat Sheet

Published: 2011-05-20
Last Updated: 2011-05-20 01:19:43 UTC
by Guy Bruneau (Version: 1)
1 comment(s)

CERT Societe Generale has released another cheat sheet, this one for Distributed Denial of Service (DDoS), freely available here. "This Incident Response Methodology is a cheat sheet dedicated to handlers investigating on a precise security issue." [1]


[1] http://cert.societegenerale.com/resources/files/IRM-4-DDoS.pdf

Previously published cheat sheets:

Worm Infection - http://cert.societegenerale.com/resources/files/IRM-1-Worm-Infection.pdf
Windows Intrusion - http://cert.societegenerale.com/resources/files/IRM-2-Windows-Intrusion.pdf
Unix Intrusion - http://cert.societegenerale.com/resources/files/IRM-3-Unix-Intrusion.pdf

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

Keywords: DDoS IRM